Better do a DoD 7 (or is it 14) time erase of your hard drive, not just a file delete. I believe Computer Forenscics (sp) tools can go back 7 times on a hard drive and recover data.
Ah, bits vs bytes. You are correct, I should have used 64kb (or even 64kbit to be crystal clear). A single voice channel or g.711 stream is 64kbits.
ATM hardware cell size is 53KBytes (including header info), while the payload cell size is indeed 48KBytes (remember, it is cell, not frame when dealing with ATM).
Unless someone trojans a server and uses that to point the.torrent at. Yeah, you can shut down the trojan server, but with all the unpatched vulernable Windows boxes available, folks can just put up more and more.torrent files.
The problem here is that you'd lose connectivity to all the other folks who had the file already downloaded.
For research purposes, I've checked each tracker server so far that I've found a.torrent file listed on Slashdot, and that tracker server is offline or not responding.
Seems to me, all you have to do is go after the tracker server listed in the.torrent URL. The tracker server is the centralized server that all hosts using a.torrent file must connect to in order to find the end-content.
Here is a sample from one of the Matrix 2.torrent files at suprnova: d8:announce40:http://suprnova.dyndns.or g:6969/anno unce7:comment76:Matrix Reloaded - single CD - DivX Telesync - 576 x 252 - very good quality!13:creation datei1053692711e4:infod5:filesld6:lengthi10313728e 4:pathl29:Matrix.Revolutions.Teaser.avieed6:length i1542e4:pathl38:The.Matrix.Reloaded.DivX.TS-DaDuck.NFOeed6:lengthi8943616e4:pathl45:The.Matrix.Reloa ded.DivX.TS-DaDuck.Sample.avieed6:lengthi711053312 e4:pathl38:The.Matrix.Reloaded.DivX.TS-DaDuck.avie ee4:name34:The.Matrix.Reloaded.DivX.TS-DaDuck12:pi ece lengthi524288e6:pieces27860:
Seems to me you could also go after dyndns.org with a court order to have them to give you control of the suprnova account. Of course, their AUP forbids 'illegal' use of dyndns.org accounts:
12. MEMBER CONDUCT
The Member is solely responsible for the contents of his/her usage of the Service. The Member's use of the Service is subject to all applicable local, state, federal, and international laws and regulations. The Member agrees: (1) to comply with all local, state, and federal laws regarding the transmission of technical data exported from the United States through the service; (2) not to use the Service for illegal purposes;
In fact, looks like someone already got to dyndns.org or perhaps the suprnova account owner didn't want any trouble or their IP address revealed: suprnova.dyndns.org. 14396 IN A 127.0.0.1
As it is a private network, they'll most likely be using some RFC1918 (10.0.0.0, 172.16-31.0.0, 192.168.0.0) address space. The only devices moving to VoIP are the phone switches themselves, not the end phones. The customer won't even know there has been a change.
But if it's a voice-only network, all traffic is going to look the same, so QoS would have no affect. Further, just because you'd use a QoS-enabled protocol like IPv6, it doesn't mean the traffic would be given different priority. You have to have QoS-enabled switches and most importantly routers to look at those packets and give priority to the right ones. For voice traffic, since it's RTP, it's very easy to identify and have QoS priorities for that traffic without IPv6's extra QoS field info.
To add more clarification, they're bascially replacing their phone switch to phone switch infrastructure with VoIP. I doubt they'll offer VoIP service anytime soon, if ever, and definately not ever any connections directly to this network (perhaps to some gateway services).
What's switch-to-switch traffic? When you place a call a home on a 'POTS' (Plain Old Telephone Service) line, it goes over a copper pair, perhaps then aggregated to fiber with all your neighbors on the way back to the CO (Central Office) switch. If the call is to a switch outside that CO (or even a different switch inside a large CO), that's where VoIP will take over (vs. traditional SS7 signalling over DS1/DS3 type circuits).
Guess what though, since all the other carriers are still using SS7 over traditional circuits, they still have to keep all that old infrastructure, at least at the "edges" where they talk to long distance carriers (I don't know if Canada has CLECs, but I can see ILECs having to still handle circuits to CLECs being a major hurdle for US telcos doing this). It would make sense if other telcos, starting with long distance carriers, did this, and I can see them then going VoIP between telcos. But that's the problem... no one is going to do it until the other telcos do it, until the critical mass is there. Even then, regulatory laws will probably be messy.
This is basically akin to what the IT world has been doing for at least 10 years now. A traditional voice network would use a T1 circuit (DS3's, etc., of course, but I'm just using a T1 for an example) that's chopped into 24 voice 64KB channels (23 channels if it is a PRI with the 24th channel for signalling) and only allowing 24 calls on it. Even if a call is silent or put on mute, it still takes 64KB each direction. Why not convert it to VoIP, optionally compress it (g.729a is typical 'good' 24KB compression) or even leave it "uncompressed" at 64KB g.711 (either way, it must go through some sort of CODEC, but 64KB g.711 is what the telcos use as well), so you wouldn't notice a difference).
What would the advantage be? You can run 2.6 more calls over the same circuit if using g.729a, or if you're aggregating a large volume of g.711 calls, you can get away with the true bi-directional VoIP traffic not always taking up the full bandwidth (in other words, not always transmitting 64KB worth of voice traffic in VoIP packets, especially when on hold or when there is silence on either side, and voice calls are typically always silent when the other side is talking). As the article talked about, the remote side produces a "comfort noise" background "ambient" hiss so you think you're still on a call.
If you're not a telco (not that they couldn't do this, but most likely they'd want a seperate dedicated network for this, 'just in case') and you've implemented QoS so VoIP packets always get priority, why not just share the same data circuits for all your VoIP and PC traffic? That's where the big savings come for companies, as the two can coexist perfectly fine so long as QoS is implemented correctly.
I remember when my Dad was telling me about this company called SkyStation in 1997 which was going to do the same thing. I doubted it would be possible. They still haven't delivered.
Their current FAQ boasts, "When will the Sky Station system be available? With flight testing commencing later this year, Stratospheric Telecommunications Service will commence with the first Sky Station platform deployment in 2005. Sky Station platforms will be implemented in accordance with user demand as expressed by responsible organizations in each country."
Enter the Wayback Machine for this same FAQ page: 1998 claims of launch in 2000 1999 claims of launch in 2002 2001 claims of launch in 2004
Stating that a test launch will occur "later this year" (hey, that makes it easier to update the page), and they're planning deployment in 2005. How the hell can they even know when they'll be deploying if after 7 years they still haven't done a test launch.
Let's not forget StratSat or the Japanese Airships for cell phone use. Comon', someone show me a non-artist rendored picture or active deployment with one of these. Until I see that, it's all vaporware left over from the dot-com sucker era. I'm not saying it's not possible. I'm just wondering about it being economically feasible and the unreliable in the atmosphere from ever-changing winds and weather conditions.
Not sure what you mean by "Open Routers" but if ISPs did Ingress and Egress filtering* at their edges, [D]DoS attacks with spoofed source addresses wouldn't be possible. You'd always know from what ISP a packet came from.
If you always knew that a packet came from a legitimate ISP, you'd shutdown BGP-enabled spammers. If all ISPs did proper BGP filtering, large spammers who suddenly start announcing a netblock not in use (and not owned by them), spam, and then stop announcing it (thus making it impossible to track them down), those spammers couldn't operate either (the huge ones that get T1+ connections to do dedicated spamming).
The problem is that this takes more RAM in routers, and it also adds some latency (although most core routers can do wire-speed layer 3 ip filtering).
* Ingress filtering is dropping all packets that are supposedly sourced from my networks address, but coming from an external source AS (Autonomous System)
Egress filtering is dropping all packets originating from my network being routed to another AS that don't in fact belong to my network. In other word, someone is using bogus address space that will never be routed back to me.
The "edges" are both at NAPs/MAEs talking to other AS (ISPs, mostly), but also my customer edges. If I've assigned a netblock to a given customer, I shouldn't ever receive IPs sourced from another netblock.
I know of course that BGP multi-homed customers can have netblocks from other ISPs, but again, I should know about all of those in advance as I should be filtering what BGP routes I'll accept, which can easily be used to filter what netblock as valid for souced traffic.
That's the hardest thing about tracking down many forms of abuse ([D]DoS from a single source, spam, etc.) is when it's done with a spoofed or very temporary address (in the case of a BGP-enabled spammer)... unless I have cooperation from all the ISPs backwards to the abuser, in real-time, I cannot source it and have it dealt with.
If I connect to any give IP address on port 80 with my browser, is that somewhere I'm not supposed to be?
What about deep link guessing?
What about other ports, like 21 for ftp?
These are standard ports with protocols assigned to them. If you have a system listening on them, and a standard anonymous/guess account login works, isn't that authorized access?
There is a lot of grey area here. I like to use the example of Main St. If there are a row of shops (some converted houses, etc. are often turned into shops in older towns around here), and there is a house in the middle without a sign, but it looks like it has stuff for sale, but no gate or "keep out" sign, is it illegal to go up to the door and knock and see if someone is there and if it is a store?
What if it is a store, but no one is there? What if it was a store, but is no longer? What authorizes you to be in there (vs. if it was a private home and not a store)?
To me, that is a matter of common sense. You put up a "keep out" or "private property" sign, or a gate, or both, or don't expect people not to come knocking as you're on Main St in the middle of the street with other stores. That's the internet, like it or not. Connect a PC up and give it an ip address, and you're a shop open for business. Unless you put up a sign stating "keep out" or have a lock or gate to tell people to stay away, the assumpting is that it is a public resource, especially if common ports like ftp tcp/21 or http tcp/80 are listening and serving up content.
My family all know if they email me HTML they get an auto-reply that tells them it has been deleted and to send without HTML. Some complained at first, but anyone who wanted to email me complied.
SpamAssassin works for me 99% of the time. Anyone who I already know is never blacklisted (but like I said, HTML doesn't get through as I don't use an HTML-capable email client), and I don't see spam. The 1% of folks that are flagged with false-negatives will just have to try again (they weren't that import to begin with since they weren't in my address book).
If all MTAs are not switched, all it will do is create a whitelist of ESMTP ISPs... you can't just blacklist everyone still using SMTP.
So, yeah, AOLEarthlink traffic would be safer (if they both switched to ESMTP), but there are far more ISPs or just local businesses running their own MTA that it won't solve.
Personally, I found just about everything in HS a big waste of time, mainly due to the other students who almost always succeeded in wrecking anything that could even be remotely fun or interesting. I'm not bitter;-p
I suggest finding your local Linux Users Group and if it looks promising, see if you can put up a flier or two at the school about it.
Yes, and no. Just like the Cisco 7940/7960 non-mobile line, I'm sure you'll be able to program a public IP address of your "phone server" (in Cisco's product line, a Call Manager). Then you just grab a DHCP address and gateway from whatever 802.11b network you can get on...
Of course, that's if you don't mind having your traffic sniffed, but most folks don't think of that in the first place.
I'm sure a cheap/free SIP software router with analog trunks would work just fine. There are plenty of them out there. All of Cisco's phones support SIP, in addition to Cisco's Skinny protocol.
Re:Could IP phones be the thing that IPv6 needs?
on
Cisco's Wi-Fi Phone
·
· Score: 1
Even with NAT and 1 hour expiration times, a customer of mine just had to add a second Class C to support their growing number of phones (so their internal network phones can talk to their phones at home or small ADSL sites on the public internet). Eventually more and more companies are going to move to VoIP, and it'll click, "Why should I call another company with VoIP phones using the PSTN when we should just have our VoIP devices talking directly." NAT is no solution there.
Second, NAT is a hack and doesn't really solve the issue (address shortage), and creates as many problems as it solves. Almost all "router" problems I ran into at my last job were due to NAT/PAT issues.
Third, you've a very narrow-minded US-centric view. The US has over 75% of the IPv4 address space. Guess where IPv6 is taking off? Europe and Asia where they got screwed on IPv4 allocations.
Forth, how do you think all the new internet-ready cell phones in Europe and Asia are connecting online? Those that aren't using lame RFC1918 address space and NAT (SprintPCS) are using IPv6 (AT&T) and temporarilly IPv6-to-IPv4 NAT (but as IPv6 services grow, there will be less and less IPv6 NAT). Yes, your cell phone most likely has a MAC address, and if you surf, it's using that as part of its IPv6 address.
As it was a "copy," wouldn't it have to be two DVDs to fit on consumer-burnable 4.7GB DVDs? At least, that's what I've been watching. Anything else, and it's not the true original data off the multi-layer screener DVD.
Side note: I also had a screener copy of FoTR, and then I bought the original theatrical version of FoTR and the Special Edition (with the bookends, which look great in my library around my JRRT stuff). I plan to buy both of TTT as well, and I only let non-family watch it after it stopped showing in the theatre (if they hadn't seen it already).
That's where my morals are. I stopped Napster-isk sharing of stuff about two years ago. I'll still swap a high-quality rip of a CD to check it out, but if I like it, I buy it, if I don't like it, I nuke it.
$1 rebates have to be just about the lamest thing out there. I bought an "Aim-n-Flame" BBQ lighter at Home Depot and noticed when I got home it had a $1 mail-in rebate. US$0.37 for the stamp plus a few cents for an envelope, it'll cost them US$0.10-0.15 to mail the thing to me... seems like a scam for the postal system.
Just in case you're wondering, yes, I mailed it in. It's the priciple of the thing;-)'
Slashdot Mirror
Is that those text things I see in boxes from time to time (speaking of, I started seeing them on Hotmail as well, text ones that is).
Squidproxy replaces all those "graphical" ads with nice clear 1x1 clear GIFs
Better do a DoD 7 (or is it 14) time erase of your hard drive, not just a file delete. I believe Computer Forenscics (sp) tools can go back 7 times on a hard drive and recover data.
Ah, bits vs bytes. You are correct, I should have used 64kb (or even 64kbit to be crystal clear). A single voice channel or g.711 stream is 64kbits.
ATM hardware cell size is 53KBytes (including header info), while the payload cell size is indeed 48KBytes (remember, it is cell, not frame when dealing with ATM).
I could see the movie studio going after you for illegal possession of their copyrighted work. IANAL, would that be a civil suit?
Unless someone trojans a server and uses that to point the .torrent at. Yeah, you can shut down the trojan server, but with all the unpatched vulernable Windows boxes available, folks can just put up more and more .torrent files.
.torrent file listed on Slashdot, and that tracker server is offline or not responding.
The problem here is that you'd lose connectivity to all the other folks who had the file already downloaded.
For research purposes, I've checked each tracker server so far that I've found a
Seems to me, all you have to do is go after the tracker server listed in the .torrent URL. The tracker server is the centralized server that all hosts using a .torrent file must connect to in order to find the end-content.
.torrent files at suprnova:r g:6969/anno unce7:comment76:Matrix Reloaded - single CD - DivX Telesync - 576 x 252 - very good quality!13:creation datei1053692711e4:infod5:filesld6:lengthi10313728e 4:pathl29:Matrix.Revolutions.Teaser.avieed6:length i1542e4:pathl38:The.Matrix.Reloaded.DivX.TS-DaDuck .NFOeed6:lengthi8943616e4:pathl45:The.Matrix.Reloa ded.DivX.TS-DaDuck.Sample.avieed6:lengthi711053312 e4:pathl38:The.Matrix.Reloaded.DivX.TS-DaDuck.avie ee4:name34:The.Matrix.Reloaded.DivX.TS-DaDuck12:pi ece lengthi524288e6:pieces27860:
Here is a sample from one of the Matrix 2
d8:announce40:http://suprnova.dyndns.o
Seems to me you could also go after dyndns.org with a court order to have them to give you control of the suprnova account. Of course, their AUP forbids 'illegal' use of dyndns.org accounts:
12. MEMBER CONDUCT
The Member is solely responsible for the contents of his/her usage of the Service. The Member's use of the Service is subject to all applicable local, state, federal, and international laws and regulations. The Member agrees: (1) to comply with all local, state, and federal laws regarding the transmission of technical data exported from the United States through the service; (2) not to use the Service for illegal purposes;
In fact, looks like someone already got to dyndns.org or perhaps the suprnova account owner didn't want any trouble or their IP address revealed:
suprnova.dyndns.org. 14396 IN A 127.0.0.1
As it is a private network, they'll most likely be using some RFC1918 (10.0.0.0, 172.16-31.0.0, 192.168.0.0) address space. The only devices moving to VoIP are the phone switches themselves, not the end phones. The customer won't even know there has been a change.
But if it's a voice-only network, all traffic is going to look the same, so QoS would have no affect. Further, just because you'd use a QoS-enabled protocol like IPv6, it doesn't mean the traffic would be given different priority. You have to have QoS-enabled switches and most importantly routers to look at those packets and give priority to the right ones. For voice traffic, since it's RTP, it's very easy to identify and have QoS priorities for that traffic without IPv6's extra QoS field info.
To add more clarification, they're bascially replacing their phone switch to phone switch infrastructure with VoIP. I doubt they'll offer VoIP service anytime soon, if ever, and definately not ever any connections directly to this network (perhaps to some gateway services).
What's switch-to-switch traffic? When you place a call a home on a 'POTS' (Plain Old Telephone Service) line, it goes over a copper pair, perhaps then aggregated to fiber with all your neighbors on the way back to the CO (Central Office) switch. If the call is to a switch outside that CO (or even a different switch inside a large CO), that's where VoIP will take over (vs. traditional SS7 signalling over DS1/DS3 type circuits).
Guess what though, since all the other carriers are still using SS7 over traditional circuits, they still have to keep all that old infrastructure, at least at the "edges" where they talk to long distance carriers (I don't know if Canada has CLECs, but I can see ILECs having to still handle circuits to CLECs being a major hurdle for US telcos doing this). It would make sense if other telcos, starting with long distance carriers, did this, and I can see them then going VoIP between telcos. But that's the problem... no one is going to do it until the other telcos do it, until the critical mass is there. Even then, regulatory laws will probably be messy.
This is basically akin to what the IT world has been doing for at least 10 years now. A traditional voice network would use a T1 circuit (DS3's, etc., of course, but I'm just using a T1 for an example) that's chopped into 24 voice 64KB channels (23 channels if it is a PRI with the 24th channel for signalling) and only allowing 24 calls on it. Even if a call is silent or put on mute, it still takes 64KB each direction. Why not convert it to VoIP, optionally compress it (g.729a is typical 'good' 24KB compression) or even leave it "uncompressed" at 64KB g.711 (either way, it must go through some sort of CODEC, but 64KB g.711 is what the telcos use as well), so you wouldn't notice a difference).
What would the advantage be? You can run 2.6 more calls over the same circuit if using g.729a, or if you're aggregating a large volume of g.711 calls, you can get away with the true bi-directional VoIP traffic not always taking up the full bandwidth (in other words, not always transmitting 64KB worth of voice traffic in VoIP packets, especially when on hold or when there is silence on either side, and voice calls are typically always silent when the other side is talking). As the article talked about, the remote side produces a "comfort noise" background "ambient" hiss so you think you're still on a call.
If you're not a telco (not that they couldn't do this, but most likely they'd want a seperate dedicated network for this, 'just in case') and you've implemented QoS so VoIP packets always get priority, why not just share the same data circuits for all your VoIP and PC traffic? That's where the big savings come for companies, as the two can coexist perfectly fine so long as QoS is implemented correctly.
I remember when my Dad was telling me about this company called SkyStation in 1997 which was going to do the same thing. I doubted it would be possible. They still haven't delivered.
n k/forschungundentwicklung/studien/HAPS.pdf
Their current FAQ boasts, "When will the Sky Station system be available?
With flight testing commencing later this year, Stratospheric Telecommunications Service will commence with the first Sky Station platform deployment in 2005. Sky Station platforms will be implemented in accordance with user demand as expressed by responsible organizations in each country."
Enter the Wayback Machine for this same FAQ page:
1998 claims of launch in 2000
1999 claims of launch in 2002
2001 claims of launch in 2004
Stating that a test launch will occur "later this year" (hey, that makes it easier to update the page), and they're planning deployment in 2005. How the hell can they even know when they'll be deploying if after 7 years they still haven't done a test launch.
Let's not forget StratSat or the Japanese Airships for cell phone use. Comon', someone show me a non-artist rendored picture or active deployment with one of these. Until I see that, it's all vaporware left over from the dot-com sucker era. I'm not saying it's not possible. I'm just wondering about it being economically feasible and the unreliable in the atmosphere from ever-changing winds and weather conditions.
Here is that promised document from China talking about all these other blimp-type platforms (a sucker is born every minute):
http://www.bakom.ch/imperia/md/content/english/fu
From http://www.guardiandigital.com/downloads/:
...
"EnGarde Secure Linux Community Edition
Limited virtual Web, DNS, e-mail domain support"
WTF does that mean? Two domains? Five? Ten?
Not sure what you mean by "Open Routers" but if ISPs did Ingress and Egress filtering* at their edges, [D]DoS attacks with spoofed source addresses wouldn't be possible. You'd always know from what ISP a packet came from.
If you always knew that a packet came from a legitimate ISP, you'd shutdown BGP-enabled spammers. If all ISPs did proper BGP filtering, large spammers who suddenly start announcing a netblock not in use (and not owned by them), spam, and then stop announcing it (thus making it impossible to track them down), those spammers couldn't operate either (the huge ones that get T1+ connections to do dedicated spamming).
The problem is that this takes more RAM in routers, and it also adds some latency (although most core routers can do wire-speed layer 3 ip filtering).
*
Ingress filtering is dropping all packets that are supposedly sourced from my networks address, but coming from an external source AS (Autonomous System)
Egress filtering is dropping all packets originating from my network being routed to another AS that don't in fact belong to my network. In other word, someone is using bogus address space that will never be routed back to me.
The "edges" are both at NAPs/MAEs talking to other AS (ISPs, mostly), but also my customer edges. If I've assigned a netblock to a given customer, I shouldn't ever receive IPs sourced from another netblock.
I know of course that BGP multi-homed customers can have netblocks from other ISPs, but again, I should know about all of those in advance as I should be filtering what BGP routes I'll accept, which can easily be used to filter what netblock as valid for souced traffic.
That's the hardest thing about tracking down many forms of abuse ([D]DoS from a single source, spam, etc.) is when it's done with a spoofed or very temporary address (in the case of a BGP-enabled spammer)... unless I have cooperation from all the ISPs backwards to the abuser, in real-time, I cannot source it and have it dealt with.
Ride Red
;-p
My 1990 Honda CBR 600 is still getting 42Mi/gal when I filled up for $7.50 yesterday. Yeah, it sucks that I have to buy the high octane stuff (91)
My son loves getting to ride with me on the weekends around the block to his friend's house.
If I connect to any give IP address on port 80 with my browser, is that somewhere I'm not supposed to be?
What about deep link guessing?
What about other ports, like 21 for ftp?
These are standard ports with protocols assigned to them. If you have a system listening on them, and a standard anonymous/guess account login works, isn't that authorized access?
There is a lot of grey area here. I like to use the example of Main St. If there are a row of shops (some converted houses, etc. are often turned into shops in older towns around here), and there is a house in the middle without a sign, but it looks like it has stuff for sale, but no gate or "keep out" sign, is it illegal to go up to the door and knock and see if someone is there and if it is a store?
What if it is a store, but no one is there? What if it was a store, but is no longer? What authorizes you to be in there (vs. if it was a private home and not a store)?
To me, that is a matter of common sense. You put up a "keep out" or "private property" sign, or a gate, or both, or don't expect people not to come knocking as you're on Main St in the middle of the street with other stores. That's the internet, like it or not. Connect a PC up and give it an ip address, and you're a shop open for business. Unless you put up a sign stating "keep out" or have a lock or gate to tell people to stay away, the assumpting is that it is a public resource, especially if common ports like ftp tcp/21 or http tcp/80 are listening and serving up content.
My family all know if they email me HTML they get an auto-reply that tells them it has been deleted and to send without HTML. Some complained at first, but anyone who wanted to email me complied.
SpamAssassin works for me 99% of the time. Anyone who I already know is never blacklisted (but like I said, HTML doesn't get through as I don't use an HTML-capable email client), and I don't see spam. The 1% of folks that are flagged with false-negatives will just have to try again (they weren't that import to begin with since they weren't in my address book).
I'm not sure how many folks are aware that VeriSign bought Thawte a few years back:
Registrant:
VeriSign, Inc. (THAWTE-DOM)
487 East Middlefield Road
Mountain View, CA 94043
US
Domain Name: THAWTE.COM
Administrative Contact, Technical Contact:
VeriSign Hostmaster (VH2134-ORG) vshostmaster@VERISIGN.COM
VeriSign, Inc.
487 East Middlefield Road
Mountain View, CA 94043
US
650-961-7500
Fax- 650-961-7300
If all MTAs are not switched, all it will do is create a whitelist of ESMTP ISPs... you can't just blacklist everyone still using SMTP.
So, yeah, AOLEarthlink traffic would be safer (if they both switched to ESMTP), but there are far more ISPs or just local businesses running their own MTA that it won't solve.
Squid + squidGuard + Ads = heaven
s p; redirect http://localhost/1x1.gif
acl {
freenet-artoo-net {
pass whitelist !ads !gambling !porn !violence all
}
}
To summarize: squidGuard allows me to define source and destination groups, which can be based on domains, urls, regex, etc. such as:
dest ads {
domainlist mesd/blacklists/ads/domains
urllist mesd/blacklists/ads/urls
expressionlist ftp.univ-tlse1.fr/blacklists/ads/expressions
&nb
}
The "blacklists" are freely available and maintained by users of the system. I never see the ads because they're always replaced with 1x1 clear GIFs.
Personally, I found just about everything in HS a big waste of time, mainly due to the other students who almost always succeeded in wrecking anything that could even be remotely fun or interesting. I'm not bitter
I suggest finding your local Linux Users Group and if it looks promising, see if you can put up a flier or two at the school about it.
Yes, and no. Just like the Cisco 7940/7960 non-mobile line, I'm sure you'll be able to program a public IP address of your "phone server" (in Cisco's product line, a Call Manager). Then you just grab a DHCP address and gateway from whatever 802.11b network you can get on...
Of course, that's if you don't mind having your traffic sniffed, but most folks don't think of that in the first place.
I'm sure a cheap/free SIP software router with analog trunks would work just fine. There are plenty of them out there. All of Cisco's phones support SIP, in addition to Cisco's Skinny protocol.
Even with NAT and 1 hour expiration times, a customer of mine just had to add a second Class C to support their growing number of phones (so their internal network phones can talk to their phones at home or small ADSL sites on the public internet). Eventually more and more companies are going to move to VoIP, and it'll click, "Why should I call another company with VoIP phones using the PSTN when we should just have our VoIP devices talking directly." NAT is no solution there.
Second, NAT is a hack and doesn't really solve the issue (address shortage), and creates as many problems as it solves. Almost all "router" problems I ran into at my last job were due to NAT/PAT issues.
Third, you've a very narrow-minded US-centric view. The US has over 75% of the IPv4 address space. Guess where IPv6 is taking off? Europe and Asia where they got screwed on IPv4 allocations.
Forth, how do you think all the new internet-ready cell phones in Europe and Asia are connecting online? Those that aren't using lame RFC1918 address space and NAT (SprintPCS) are using IPv6 (AT&T) and temporarilly IPv6-to-IPv4 NAT (but as IPv6 services grow, there will be less and less IPv6 NAT). Yes, your cell phone most likely has a MAC address, and if you surf, it's using that as part of its IPv6 address.
As it was a "copy," wouldn't it have to be two DVDs to fit on consumer-burnable 4.7GB DVDs? At least, that's what I've been watching. Anything else, and it's not the true original data off the multi-layer screener DVD.
Side note: I also had a screener copy of FoTR, and then I bought the original theatrical version of FoTR and the Special Edition (with the bookends, which look great in my library around my JRRT stuff). I plan to buy both of TTT as well, and I only let non-family watch it after it stopped showing in the theatre (if they hadn't seen it already).
That's where my morals are. I stopped Napster-isk sharing of stuff about two years ago. I'll still swap a high-quality rip of a CD to check it out, but if I like it, I buy it, if I don't like it, I nuke it.
Server: AkamaiGHost
Duh, they're just loading images and other static content from Akamai for faster load times as Akamai has colocations all over.
Although, I've got to admit it's rather funny to see this.
$1 rebates have to be just about the lamest thing out there. I bought an "Aim-n-Flame" BBQ lighter at Home Depot and noticed when I got home it had a $1 mail-in rebate. US$0.37 for the stamp plus a few cents for an envelope, it'll cost them US$0.10-0.15 to mail the thing to me... seems like a scam for the postal system.
Just in case you're wondering, yes, I mailed it in. It's the priciple of the thing