Uhm, I've got a 7 year old who has been recently getting way into Star Wars and loves watching 1, 2, 4, 5 & 6.
In fact, he's a bigger Star Wars fan than I think I was (well, maybe not).
We'll be awaiting this on on DVD so we can sit down and watch it together (well, I should say he'll be awaiting the DVD... I'll be seeing it in the theater).
Because most people are sheep. They just do what they're told, or what is easiest. So, naturally, it is up to the more technically adept and informed to direct them into what's best. Best, because IE/OE/Outlook are so incredibly full of holes and constantly spreading problems that the non-technical user can't keep up with. Not that Firefox/Thunderbird don't and won't have security holes, but it's much less likely to be as critical and not tied to your OS.
Heh, Sourceforge has a thing to say about Cisco and Linux as well: http://rpmfind.net/linux/RPM/Cisco_Linux.ht ml
Best quote of all: "It takes a company approximately one desktop administrator to support 40 Windows PCs, while one administrator can support between 200 and 400 Linux desktops." says Cisco IT Manager
How many people these days don't have cordless phones? The power goes out even with regular POTS and you still have no working phone unless you've got a regular wired phone plugged in somewhere. The only reason I have a regular phone is because my fax machine has one built in, otherwise I'd be SOL during a power outtage (of course, I have my cell).
I'm wondering how long gmail will keep using the invite system (just through beta?). I keep getting more invites that I can send out, but I'm outta folks that want them.
It's very, very simple, actually. All ISPs need to filter ingress from their customers. Only the valid IPs assigned to their customers should be allowed into the ISP network from that customer.
However, for this to work, all ISPs must do this, as ISPs cannot filter between themselves (as they must allow IPs they don't own to transit).
The 3 different small-ILEC ISPs I've done work for I had implement this. All customers I do work for I implement this (to keep them from spoofing DDoS packets should they get infected, and also to stop someone from spoofing their IPs from the outside).
It's really not that hard, folks just need to follow best practices and buy a decent router/firewall that supports ACLs and implement proper ingress/egress filtering of your valid IP allocations.
As they state, there is a simple solution: TCP MD5 Signature Option with BGP. Any ISP worth their salt will already be doing it. The rest will learn the hard way.
This has been supported in Cisco IOS way back since ~1998 in IOS 11.2.
WTF kind of name is Claria? Sounds like another company I did some contract work for a couple of years ago that got sued by Stanford Univ. because they used Stanford in their title (and had a red "S" logo that looked like Stanford's "S"... uhm, duh, just asking for it). They paid some firm to make up a name and research to make sure that no one already had it and switched to "Sirenza".
Heh, I did a google for Sirenza and Stanford to see if I could find further info on the name change and first found a link on Stanford.edu's site regarding alleged foul play in their IPO
Claria sounds like an STD if you ask me. Something you don't want, much like Santorum (if you don't know the reference, pull down a torrent on Unscrewed 04/07/2004, or just Google for it).
However the Cisco 7920 phone current only supports Cisco's proprietary SCCP (aka "skinny"), which means you have to have a CallManager or router/h.323 gateway running CallManager Express to use the phone. There aren't currently plans to make a SIP image for the 7920 (whereas the desk phone 7940/7960 can be loaded with either SCCP or SIP image loads).
On the plus side, the Cisco 7920 supports Cisco's proprietary LEAP so that the phone is re-keying WEP as often as you set it (9.1 minutes is enough time to get enough WEP keys at the smallest packet size transmitting at 1000 pps). Of course, again this means you need a Cisco Aironet AP and Cisco ACS server to support LEAP.
But then none of the traditional wireless phones are encrypted to my knowledge...
Every bank/credit union I've dealt with uses OS/2 in some lame form or another (mainly doing something with ATMs). These are small local banks of 20 branches.
Cable companies need to limit bandwidth usage at the head-end, not at the CPE. If I own my cablemodem, I should be able to use it however I like, short of abusive network activity. If me and my neighbor want to play high-speed games or transfer files as fast as the coax will handle, we should be able to. Upgrade the infrastructure and limit upstream, but not locally.
Regarding the hijacking of the session, just do what NoCatAuth does: spawn an ssl'd pop-up that has a 5-minute refresh rate. Worst case, the hijacker gets 3-4 minutes of surfing, and then are forced to re-authenticate.
NoCatAuth is what I use at home. Even if you spoof my MAC, you still have to auth as me before you can go anywhere.
I agree with you specifically for the reason of not falling behind. I especially liked the "Have laters" reference in regards to class warfare in the US.
My reason for posting though was to point to a perfect case in point to me (of course I cannot find right now). It was regarding the OSS Squid Proxy which still doesn't have mainline IPv6 support. Yeah, you can get patches for it, but the core developers don't know IPv6, don't have IPv6 connections, and don't (at present) see any need to learn or pursue making it work with IPv6. It'll happen eventually, there will be the need when IPv6 reaches critical mass, or one of the core developers will integrate the patches into the mainline code, but until that point, the project stands to risk being superceeded by another project that might integrate IPv6 sooner and just at the time of critical mass (which will happen in Asia and Europe way before we have the Teir 1 ISPs moving on it in the US).
The next 1-2 years are really going to be key for early adopters of IPv6, IMHO. Even Cisco, who is touted to have had IPv6 support back in 2001 really didn't have it in mainline code for their non-ISP-class hugely-espensive routers until early 2003. Guess why they jumped in the ball? All these little start-up router companies in Japan were touting IPv6 support and Cisco was losing sales.
Did you know that even Windows XP doesn't have full-blown IPv6 support? Try to run it without an IPv4 DNS server, it won't work (and who can possibly remember an IPv6 address, heh). It lists the well-known DNS servers, but they don't work even if you have servers listening for those addresses (as is documented by Microsoft): fec0:0:0:ffff::1 fec0:0:0:ffff::2 f ec0:0:0:ffff::3
Windows 2003 server is the first version to fully support an IPv6-only network. While we're not ready for that anytime soon, it just shows a short-sightedness, IMHO, on US vendors, and where I believe we're going to lose our edge if we keep it up.
Being pro-OSS, I don't mind it as much as Linux has had full-block IPv6 support since the 2.2 kernel days.
Re:This is one area the US could get left behind..
on
The State of IPv6
·
· Score: 1
multicast!=broadcast
Pim dense is what you're thinking of, which no one uses except on a flat lan, so it wouldn't get past their local router.
With pim sparse, you have to specify rendezvous server which then connects you to the server sending the data.
Multicast is more like an opt-in email subscription list and not like a usenet feed.
Slashdot Mirror
Uhm, I've got a 7 year old who has been recently getting way into Star Wars and loves watching 1, 2, 4, 5 & 6.
In fact, he's a bigger Star Wars fan than I think I was (well, maybe not).
We'll be awaiting this on on DVD so we can sit down and watch it together (well, I should say he'll be awaiting the DVD... I'll be seeing it in the theater).
Because most people are sheep. They just do what they're told, or what is easiest. So, naturally, it is up to the more technically adept and informed to direct them into what's best. Best, because IE/OE/Outlook are so incredibly full of holes and constantly spreading problems that the non-technical user can't keep up with. Not that Firefox/Thunderbird don't and won't have security holes, but it's much less likely to be as critical and not tied to your OS.
Where should multinational countries register? Should they have to register a domain in every country they operate in?
Uhm, the more folks downloading off torrent also means more folks uploading. With bittorrent, more is better.
Not to mention the Cisco Unity Express (CME) voicemail blade that you can pop into a router. A few more Cisco products that have Linux support:
t ml
Aironet
VPN Concentrator Clients
Heh, Sourceforge has a thing to say about Cisco and Linux as well:
http://rpmfind.net/linux/RPM/Cisco_Linux.h
Best quote of all:
"It takes a company approximately one desktop administrator to support 40 Windows PCs, while one administrator can support between 200 and 400 Linux desktops." says Cisco IT Manager
This is from Feb 17th, 2005.
How many people these days don't have cordless phones? The power goes out even with regular POTS and you still have no working phone unless you've got a regular wired phone plugged in somewhere. The only reason I have a regular phone is because my fax machine has one built in, otherwise I'd be SOL during a power outtage (of course, I have my cell).
I'm wondering how long gmail will keep using the invite system (just through beta?). I keep getting more invites that I can send out, but I'm outta folks that want them.
Rather evil of HP to stack it up against the WinXP version which has a $265 rebate (I wonder if that's coming from Microsoft's slush fund):
d uctLineId=435&FamilyId=1593&jumpid=re_store/smProd Cat/PSG/promo/notebooks/nx5000/$265InstantSavings
Special offers: $265 instant savings on this nx5000. Offer ends 8/31
http://h71016.www7.hp.com/dstore/ctoBases.asp?Pro
Uhm, wrong. With a simple kernel module loaded you disable the encoding/decoding of the signal as it is written/read to disk.
What's the big deal about this? Because you have the raw DirecTV-compressed MPEG2 which you can stream right back off the hard drive.
It's very, very simple, actually. All ISPs need to filter ingress from their customers. Only the valid IPs assigned to their customers should be allowed into the ISP network from that customer.
However, for this to work, all ISPs must do this, as ISPs cannot filter between themselves (as they must allow IPs they don't own to transit).
The 3 different small-ILEC ISPs I've done work for I had implement this. All customers I do work for I implement this (to keep them from spoofing DDoS packets should they get infected, and also to stop someone from spoofing their IPs from the outside).
It's really not that hard, folks just need to follow best practices and buy a decent router/firewall that supports ACLs and implement proper ingress/egress filtering of your valid IP allocations.
As they state, there is a simple solution: TCP MD5 Signature Option with BGP. Any ISP worth their salt will already be doing it. The rest will learn the hard way.
.
This has been supported in Cisco IOS way back since ~1998 in IOS 11.2
Read the BGP "Bible": Internet Routing Architectures or look at any best-practices guides which will state that TCP MD5 sigs should always be used with BGP.
Or search CCO:
router bgp 109
neighbor 145.2.2.2 password v61ne0qkel33&
It's just a single line that has to be added to both peer sides.
Put a box in an isolated network whose gateway "fakes" dns and smtp responses and just keeps all the mail.
Spammer thinks you're spamming, you get paid (drain spammers assets), no one is hurt.
Not like they're going to try and sue you in court for not doing something illegal.
WTF kind of name is Claria? Sounds like another company I did some contract work for a couple of years ago that got sued by Stanford Univ. because they used Stanford in their title (and had a red "S" logo that looked like Stanford's "S"... uhm, duh, just asking for it). They paid some firm to make up a name and research to make sure that no one already had it and switched to "Sirenza".
Heh, I did a google for Sirenza and Stanford to see if I could find further info on the name change and first found a link on Stanford.edu's site regarding alleged foul play in their IPO
Claria sounds like an STD if you ask me. Something you don't want, much like Santorum (if you don't know the reference, pull down a torrent on Unscrewed 04/07/2004, or just Google for it).
fedoraforum.org has a wealth of info in the FAQs and Forums.
For the newest issues, jump on IRC: irc.freenode.net #fedora
However the Cisco 7920 phone current only supports Cisco's proprietary SCCP (aka "skinny"), which means you have to have a CallManager or router/h.323 gateway running CallManager Express to use the phone. There aren't currently plans to make a SIP image for the 7920 (whereas the desk phone 7940/7960 can be loaded with either SCCP or SIP image loads).
On the plus side, the Cisco 7920 supports Cisco's proprietary LEAP so that the phone is re-keying WEP as often as you set it (9.1 minutes is enough time to get enough WEP keys at the smallest packet size transmitting at 1000 pps). Of course, again this means you need a Cisco Aironet AP and Cisco ACS server to support LEAP.
But then none of the traditional wireless phones are encrypted to my knowledge...
For those worried about WEP issues, see Cisco's Cisco Wireless LAN Security Bulletin.
Both "X Free86" and "XFree 86" work. Gotta be deliberate.
Every bank/credit union I've dealt with uses OS/2 in some lame form or another (mainly doing something with ATMs). These are small local banks of 20 branches.
But that's retarded. Someone will just register a domain overseas where there is no such restriction.
Cable companies need to limit bandwidth usage at the head-end, not at the CPE. If I own my cablemodem, I should be able to use it however I like, short of abusive network activity. If me and my neighbor want to play high-speed games or transfer files as fast as the coax will handle, we should be able to. Upgrade the infrastructure and limit upstream, but not locally.
That's why my DireTiVo has a UPS
Although, I don't have the TV plugged into the battery powered part, just the surge protected part.
Regarding the hijacking of the session, just do what NoCatAuth does: spawn an ssl'd pop-up that has a 5-minute refresh rate. Worst case, the hijacker gets 3-4 minutes of surfing, and then are forced to re-authenticate.
NoCatAuth is what I use at home. Even if you spoof my MAC, you still have to auth as me before you can go anywhere.
Rather you mean
I agree with you specifically for the reason of not falling behind. I especially liked the "Have laters" reference in regards to class warfare in the US.
f ec0:0:0:ffff::3
My reason for posting though was to point to a perfect case in point to me (of course I cannot find right now). It was regarding the OSS Squid Proxy which still doesn't have mainline IPv6 support. Yeah, you can get patches for it, but the core developers don't know IPv6, don't have IPv6 connections, and don't (at present) see any need to learn or pursue making it work with IPv6. It'll happen eventually, there will be the need when IPv6 reaches critical mass, or one of the core developers will integrate the patches into the mainline code, but until that point, the project stands to risk being superceeded by another project that might integrate IPv6 sooner and just at the time of critical mass (which will happen in Asia and Europe way before we have the Teir 1 ISPs moving on it in the US).
The next 1-2 years are really going to be key for early adopters of IPv6, IMHO. Even Cisco, who is touted to have had IPv6 support back in 2001 really didn't have it in mainline code for their non-ISP-class hugely-espensive routers until early 2003. Guess why they jumped in the ball? All these little start-up router companies in Japan were touting IPv6 support and Cisco was losing sales.
Did you know that even Windows XP doesn't have full-blown IPv6 support? Try to run it without an IPv4 DNS server, it won't work (and who can possibly remember an IPv6 address, heh). It lists the well-known DNS servers, but they don't work even if you have servers listening for those addresses (as is documented by Microsoft):
fec0:0:0:ffff::1
fec0:0:0:ffff::2
Windows 2003 server is the first version to fully support an IPv6-only network. While we're not ready for that anytime soon, it just shows a short-sightedness, IMHO, on US vendors, and where I believe we're going to lose our edge if we keep it up.
Being pro-OSS, I don't mind it as much as Linux has had full-block IPv6 support since the 2.2 kernel days.
multicast!=broadcast
Pim dense is what you're thinking of, which no one uses except on a flat lan, so it wouldn't get past their local router.
With pim sparse, you have to specify rendezvous server which then connects you to the server sending the data.
Multicast is more like an opt-in email subscription list and not like a usenet feed.
I'm curious whose service you have... I've been with 2 carriers (Nextel and AT&T) and neither charged for inbound page/SMS/email, just outbound.