I remember Trinoo back in late 1998, also CDC's BackOrifice. It was very clear back then that zombies were going to be a problem. The unfortunate truth is that security companies, ISPs, and the like only focus on issues once they reach critical mass, so they can justify expenditure. By the time meetings have been had, strategy has been discussed, marketing has been massaged, etc, the problem has grown into an epidemic.
The ISPs need to pick up the ball here, put up some IDS capable proxies in and start shutting down the shit they're spewing into the internet. Otherwise the problem is never going to go away if you expect grandma to buy something to solve a problem she doesn't understand.
I use mplayer-tivo every day, works like a champ over 802.11g. You can pull up pre-Tivo'd shows or stream it Live. Use the TivoWeb remote, and it's just like you're there. You need to hack your Tivo for all this to work, but it's well worth the trouble.
You could offer a linux/netbsd ppc kernel and root image from OS X's dchpd/tftpd, then push and pull images to/from nfs/cifs. You could also use your iPod (or another external), with a full rescue OS X install or netbsd/linux to do imaging.
Its quite useful to have a menu'd network bootstrap at the ready for this kind of stuff, or installing whatever OS, or a nfs rooted copper Gbit media boxes (oh my).
With drones such as the Predator seeing lots of action (which are now armed), and iRobots out in the field (not armed yet), it is only a matter of time before humans remotely control a significant portion of our military might. Sure, you have to worry about securing the control channels and there are lots of bits and pieces that need to get worked out.
Most of technology is already there, it just needs to mature a bit, let's say 5-10 years. DARPA should have set the Grand Challenge rules so that vehicles could be remotely controlled, with hundred of test targets all over that get tagged by lasers or something similar.
The army would be smart to collect gameplay data from America's Army, etc. I found it curious that I had to submit my training scores to the AA servers before I could even play the game, but maybe I'm just paranoid. It's doubtful that the Army has some grand plan here, but there are definately many who get it. Basically, the Army could recruit the most skilled operators/players, and lots of people would probably be more likely to serve their country in front of a virtual screen as opposed to seeing real combat.
Is it too out there to assume that the gamers who clean up in today's FPS and FSims may find yourself being drafted by the military one day...?
Of the obstacles to be overcome to make remote combat operations, it would seem most are straight-forward to overcome with time. How do you go up stairs and handle rough terrain? How about a helibot? Take a remote controlled model helicopter, stick on a few cameras, various sensors, GPS, etc. Very much like today's FPS, it seems to me.
As far as distributions go, its really a matter of opinion mostly, but I use debian/sarge; dpkg/apt makes updating very easy. Don't know of any file server centric distributions out there, which ultimates testifies to the relative ease one can set things up from any distro.
If you're using the unit for home, it can make sense to also use the box for your internal audio/video streaming, home directories, web, and mail, and backup for other workstations. This is what's going on over here.
You might have answered your own question.. most of the products out there do use some form of Linux, and rarely do these vendors offer anything of value beyond a unified web based interface. You'll invest more time in the front end, but you'll gain much more in having the ability to upgade, use the machine for other tasks, etc. You'll get more for your money if you have even basic linux skills though.
There are plenty of recipies out there utilizing LVM, MD, Samba, NFS, etc. You could make a MythTV server too, you get the idea.
You can use smartmontools or most of the popular RAID controllers out there have linux configration apps and monitoring tools. Use 3ware if you have the cash, Promise can work depending on who you ask, Adaptec has some cards, others may have more to add here.
You could even just get a board that has lots of ports, and do Software RAID, although adding a drive to an array is experimental at this point, which scares me at least.
Samba 3 will fully integrate in AD if you have that need. Winbind has come a long way, you can even login to the linux box with your AD credentials if you were so inclined (now this might be flamebait fodder).
Anyways, with drive prices falling so rapidly, it would be a shame to spend $$ on a box that could be doubled in capacity 9 months down the road. So be very careful.
You would clearly want to have LVM (or some other) snapshotting enabled on the destination Linux host's volume. If you did want to export the snapshots for user restoration, you could then share out the point in time (12hr, yesterday, DOW, M,..) as well.
Rsync with cygwin would be another option, my experience with OpenSSH/scp on Windows has been poor when it's under pressure.
Win2k3 more or less has AD 2.0 (or 1.1 if you must). You can now actually rename a domain, and establish cross-forest trust designs, speed enhancements, better sync, etc. Here's a basic overview of the diffs:
Unless you really have a need for a keyboard (browsing can be really ugly unless you're going HiDef), you should check out lirc.org and just get an IR receiver and use a remote control.
By default RPC/135 listens on 0.0.0.0, but you can change this by using MS's rpccfg.exe to listen on the loopback only.
http://www.microsoft.com/windows2000/techinfo/re sk it/tools/new/rpccfg-o.asp
Also, port 445 is open, even if you disable File and Print Sharing. To fix that hole, open up regedit and change:
HKLM\System\CurrentControlSet\Services\NetBT\Par am eters\TransportBindName from '\Device\' to nothing. You can't use the workstation service|CIFS outbound either when you do this though, and you have to reboot for it to take should you want to switch back.
I've never had a problem with PPTP or the port you mentioned, maybe try disabling Routing and Remote Access, or other services.
I have my Win2k3 box only listening on 22, OpenSSHd and scp work like a champ.
Michael Johnson took over the NetworkSimplicity OpenSSH installer, which makes it too easy not to use SSH on Windows.
I've been working with IIS 6 (Whistler/.Net) for over a year now, and its actually come a really long way in this release.. (duck) Alot of the positives of Apache have been built in (remarkably similar..makes you wonder) like a text based config in XML, an HTTP kernel mode listener, and some really cool isolation features. For a shared web hoster its a god-send, letting you bind a virtual server to its own process (and security context), so if a customer starts hogging you just check the PID and voila you know who's the culprit. You can also ping the worker processes/virtuals for various stats and do non-intrusive restarts. Much better than the old days of having the whole server dump hard and a reboot.
Anyways, funny they didn't mention any of that in the article.. quite the clueless writer. I'll never claim IIS is as stable, secure, or flexible as Apache, knowing first hand, but its definately better than it used to be.
Slashdot Mirror
Now go away
I remember Trinoo back in late 1998, also CDC's BackOrifice. It was very clear back then that zombies were going to be a problem. The unfortunate truth is that security companies, ISPs, and the like only focus on issues once they reach critical mass, so they can justify expenditure. By the time meetings have been had, strategy has been discussed, marketing has been massaged, etc, the problem has grown into an epidemic.
The ISPs need to pick up the ball here, put up some IDS capable proxies in and start shutting down the shit they're spewing into the internet. Otherwise the problem is never going to go away if you expect grandma to buy something to solve a problem she doesn't understand.
Bullshit stinks, and people smell it.
http://www.cluetrain.org/#manifesto
I use mplayer-tivo every day, works like a champ over 802.11g. You can pull up pre-Tivo'd shows or stream it Live. Use the TivoWeb remote, and it's just like you're there. You need to hack your Tivo for all this to work, but it's well worth the trouble.
You could offer a linux/netbsd ppc kernel and root image from OS X's dchpd/tftpd, then push and pull images to/from nfs/cifs. You could also use your iPod (or another external), with a full rescue OS X install or netbsd/linux to do imaging.
Its quite useful to have a menu'd network bootstrap at the ready for this kind of stuff, or installing whatever OS, or a nfs rooted copper Gbit media boxes (oh my).
With drones such as the Predator seeing lots of action (which are now armed), and iRobots out in the field (not armed yet), it is only a matter of time before humans remotely control a significant portion of our military might. Sure, you have to worry about securing the control channels and there are lots of bits and pieces that need to get worked out.
Most of technology is already there, it just needs to mature a bit, let's say 5-10 years. DARPA should have set the Grand Challenge rules so that vehicles could be remotely controlled, with hundred of test targets all over that get tagged by lasers or something similar.
The army would be smart to collect gameplay data from America's Army, etc. I found it curious that I had to submit my training scores to the AA servers before I could even play the game, but maybe I'm just paranoid. It's doubtful that the Army has some grand plan here, but there are definately many who get it. Basically, the Army could recruit the most skilled operators/players, and lots of people would probably be more likely to serve their country in front of a virtual screen as opposed to seeing real combat.
Is it too out there to assume that the gamers who clean up in today's FPS and FSims may find yourself being drafted by the military one day...?
Of the obstacles to be overcome to make remote combat operations, it would seem most are straight-forward to overcome with time.
How do you go up stairs and handle rough terrain? How about a helibot? Take a remote controlled model helicopter, stick on a few cameras, various sensors, GPS, etc. Very much like today's FPS, it seems to me.
As far as distributions go, its really a matter of opinion mostly, but I use debian/sarge; dpkg/apt makes updating very easy. Don't know of any file server centric distributions out there, which ultimates testifies to the relative ease one can set things up from any distro.
If you're using the unit for home, it can make sense to also use the box for your internal audio/video streaming, home directories, web, and mail, and backup for other workstations. This is what's going on over here.
-Vlad
You might have answered your own question.. most of the products out there do use some form of Linux, and rarely do these vendors offer anything of value beyond a unified web based interface. You'll invest more time in the front end, but you'll gain much more in having the ability to upgade, use the machine for other tasks, etc. You'll get more for your money if you have even basic linux skills though.
There are plenty of recipies out there utilizing LVM, MD, Samba, NFS, etc. You could make a MythTV server too, you get the idea.
You can use smartmontools or most of the popular RAID controllers out there have linux configration apps and monitoring tools. Use 3ware if you have the cash, Promise can work depending on who you ask, Adaptec has some cards, others may have more to add here.
You could even just get a board that has lots of ports, and do Software RAID, although adding a drive to an array is experimental at this point, which scares me at least.
Samba 3 will fully integrate in AD if you have that need. Winbind has come a long way, you can even login to the linux box with your AD credentials if you were so inclined (now this might be flamebait fodder).
Anyways, with drive prices falling so rapidly, it would be a shame to spend $$ on a box that could be doubled in capacity 9 months down the road. So be very careful.
-Vlad
You would clearly want to have LVM (or some other) snapshotting enabled on the destination Linux host's volume. If you did want to export the snapshots for user restoration, you could then share out the point in time (12hr, yesterday, DOW, M,..) as well.
Rsync with cygwin would be another option, my experience with OpenSSH/scp on Windows has been poor when it's under pressure.
-Chris
Win2k3 more or less has AD 2.0 (or 1.1 if you must). You can now actually rename a domain, and establish cross-forest trust designs, speed enhancements, better sync, etc. Here's a basic overview of the diffs:
i mp rovements.htm
http://www.techgalaxy.net/Docs/Win2003/WS03_AD_
You're going to get a lot more flexibility in the long haul this way.. really doesnt make any sense to stay with 2k IMHO.
Unless you really have a need for a keyboard (browsing can be really ugly unless you're going HiDef), you should check out lirc.org and just get an IR receiver and use a remote control.
So I noticed the cygwin.dll, so I guess 'native' is relative..? Definately cool, but I'll stick with Hummingbird and an smbmount from my debian box.
By default RPC/135 listens on 0.0.0.0, but you can change this by using MS's rpccfg.exe to listen on the loopback only.
e sk it/tools/new/rpccfg-o.asp
r am eters\TransportBindName from '\Device\' to nothing. You can't use the workstation service|CIFS outbound either when you do this though, and you have to reboot for it to take should you want to switch back.
http://www.microsoft.com/windows2000/techinfo/r
Also, port 445 is open, even if you disable File and Print Sharing. To fix that hole, open up regedit and change:
HKLM\System\CurrentControlSet\Services\NetBT\Pa
I've never had a problem with PPTP or the port you mentioned, maybe try disabling Routing and Remote Access, or other services.
I have my Win2k3 box only listening on 22, OpenSSHd and scp work like a champ.
Michael Johnson took over the NetworkSimplicity OpenSSH installer, which makes it too easy not to use SSH on Windows.
http://lexa.mckenna.edu/sshwindows/
-Vlad
Use IIS6's text based XML metabase.. looks shockingly similar to httpd.conf ;)
I've been working with IIS 6 (Whistler/.Net) for over a year now, and its actually come a really long way in this release.. (duck) Alot of the positives of Apache have been built in (remarkably similar..makes you wonder) like a text based config in XML, an HTTP kernel mode listener, and some really cool isolation features. For a shared web hoster its a god-send, letting you bind a virtual server to its own process (and security context), so if a customer starts hogging you just check the PID and voila you know who's the culprit. You can also ping the worker processes/virtuals for various stats and do non-intrusive restarts. Much better than the old days of having the whole server dump hard and a reboot.
Anyways, funny they didn't mention any of that in the article.. quite the clueless writer. I'll never claim IIS is as stable, secure, or flexible as Apache, knowing first hand, but its definately better than it used to be.
Try http://linuxsound.bright.net. I'm waiting myself too, maybe one day I can remove the evil from my beast.