You might want to give netsaint a look. It is more of a host monitoring tool, but numerous extensions have been developed for it, so it could be a good base to build upon or integrate with things like OpenNMS.
-----
I would not obviously agree with not blaming the true culprit. But it somehow seems that companies are being definitely lax in their security, and they should take some blame for that too, and not just blame it on the hackers.
From another standpoint: you loan someone your car, and it gets stolen because the person left it unlocked. Do you solely blame the thief?
-----
Re:Profiling: Interviews with DEAN Kamen on What is 'IT'? · Score: 1
Sorry, slight tyypo on the gentleman's name... :(
-----
Profiling: Interviews with Dick Kamen on What is 'IT'? · Score: 1
Here are a couple of links for interviews with Dick Kamen. Maybe if we know the man better, we'll be in a better position to make an educated guess.
Quoting from the article: Microsoft Proxy Server support.
Now what on earth is a Microsoft Proxy Server? I've heard of HTTP proxies, SOCKS proxies, but Microsoft? What is this new protocol I never heard about??
-----
Myth: Implementation changes significantly more often than interfaces
Well, it does depend on your interfaces.
The author of the article seems to enjoy passing lots and lots of attributes around instead of just passing an object. Stick to that, and i bet your interfaces are going to change veeery quickly...
-----
I was actually supporting searches at irregular times. If you are going to search at all, you might as well do it at odd times, otherwise it's going to be just like you described. (death threats from the supposedly smart user).
-----
Nope. I don't agree. If I want to run an insecure, crappy box, that's my right. Just like if I have a house, and want to leave the door swinging in the wind wide open, it's my prerogative.
What if someone uses your house to set up a drug supermarket, or something of the kind? Don't you think you could be held liable?
The point is not what they do to your own boxes, i couldn't care less about that. It's obviously about what your boxes can be used to do against others. And if by laxing security you let them do it, you probably have your own share of responsibility.
This is not the 1980's anymore. Having a host on the internet amounts to having some responsibility. Welcome to the 21st century, like it or not...
-----
Setting specific times/dates for auditing effectively renders audits useless. By doing that, you are permitting people that have malicious intent in using the computer "outside the rules", because they can cover up their trails very very easily. The only people you're ever going to find "abusing" the system are the poor fellows who were doing things inadvertently and weren't really paying attention to whether they were inside or outside the rules...
In other words, Joe Smith that is sending confidential info outside the company will cover up his tracks easily by only sending/receiving funny email from 9:00 to 12:00 and always deleting whatever he gets, while Jane Doe will get busted because she viewed one-too-many GAP catalog pages (the limit was 50 and she forgot...) between 4 and 6...
-----
Critical systems, either from a security or from a reliability stand-point, are very different from retail systems.
You can never be sure of anything unless you check it yourself. Mere "trust" is seldom an option when it comes to mission-critical applications. And while trust is acceptable in commercial systems (if it breaks, let's sue them) it just isn't an option when break-of-trust involves lives or national security.
That's why I understand that banks use Microsoft products, but i get very scared when aerospace or medical systems even go near Windows...
-----
This is an exemplary practice and should be encouraged at a time when most businesses call the lawyers and issue threats without making any attempt to speak with the other party human to human.
IMHO, they just did it because they couldn't sue...
IMHO, the accepted proposals are very, very bad choices, as far as domain names go. And that is the matter, isn't it? What TLDs to support, not _who_ is going to support them.
Let me moderate them one by one:
.biz
Score 1, Redundant
A dot-com wannabe? What does this entail, other than having the people that already own dot-com trying to sue for the dot-biz?
.info
Score -1, Redundant
Hmm, i wonder what this one is for? Any use i can think of for this one can be better served by info.domain.something...
.name
Score -1, Silly
This is probably the worst option for "personal" domains i can think of. Let alone sorting problems with two people having the same name (who gets the domain? the oldest?), i don't really think this is going to be very popular. I wouldn't want one, would you? IMHO they should have gone for .home, .ind (for individual, or independent, or whatever you want it to mean) or something of the kind.
.pro
Score 4, Interesting
This looks like it can actually be used to some effect. Of course, if it's targeted at professionals of some sort, i wonder if it is going to achieve its objectives. I see a lot of www.windows.pro domains popping up for magazines, companies, and so on. But that's probably what they want anyway, to sell domain names, right? Being useful to people is for sissies...
.museum
Score -1, Troll
dot-what? Is anyone here in their right minds? How many of those are there going to be? 100? 200? 5000? What's next? dot-church? Too limited, too long, too hard to remember if there are only going to be a few of them.
.aero
Score -1, Redundant
Too limited. Too self-serving. Too redundant. Except if it's meant as a domain for airheads...
.coop
Score 2, Interesting
This one could be interesting, but isn't this covered by .com or .org already? It could prove limited in usage.
In general, the new domains are either redundant or too limited in usage. The criteria for appraisal of the proposals were not, in my opinion, in the best interest of the Internet Community. ICANN could have started off a whole lot better.
I always knew I was going to miss Jon Postel, i just didn't know I was going to miss him this much.
Starting off with the wrong foot on ICANN Meetings · Score: 1
How will the fact that the elected officials are not allowed to vote in the important TLD matter doesn't really vouch for the transparency of the ICANN.
Why don't they vote? Is it because they might be "unfamiliar" with the issue at hand? I hardly think so.
Now could it be because they are unfamiliar with the decisions that the ICANN has already been lobbied into making?
Well, actually some do.
Not for the "core system" but for many of the surrounding systems, most of them can perform financial transactions or access confidential information.
As for other operating systems, I've seen nearly everything being used on banking servers, from OS/390 to HPUX to Solaris to AIX and NT.
Security 101 (or rather, RFC 2196) on Microsoft Cracked · Score: 2
While there is no evidence that any changes have been made to the codes, and experts characterized such a risk as remote
Makes you wonder.
Weren't those same experts characterizing the risk that someone broke into their network as "remote", too?
Everyone knows the standard procedure for security break-ins. Isolate all machines, compare all binaries to archived copies, etc, etc.
RFC 2196, now does that ring a bell?
But of course not, it's going to be "bad hackers versus oh-so-nice Microsoft" all over again. Microsoft's software and OS design lacks in security, but guess what, it's going to be someone else's fault...
Computer security at Microsoft's campus generally was well-regarded until this latest incident.
"Well regarded" just because no one had broken in yet? If Microsoft had been inclined to impose decent security standards on their own private network, they would have to either:
Change most of their software products to make them more secure
Hire as many security engineers as they have programmers so that they could endlessly "securify" the machines
Forbid the use of insecure software in their internal network (and start running Solaris on servers and Macs on desktops, probably... or Linux on both)
Windows is just too weak. Bad design principles. Too much code. Too bloated. Too obscure.
Well, maybe the guys that took the source code will change this last part...
Living outside the US, I have still followed the Carnivore debate with interest, since a lot of my traffic does go through US-Govt-controlled networks.
So the Government wants to have access to whatever "bad elements" send over the network. But will they ever be able to do it? This isn't voice we're talking about, this is data. Any "bad element" can encrypt it and make it unreadable by Govt officials in any useful timeframe.
And the Govt knows this, so clearly this isn't their objective. So what is? Mass scanning of John Doe's traffic? Must be.
Now let's look at their own site. An MPEG. How do you mass-scan MPEG files for BadThings(tm)? How do you mass-scan JPEGs? I'd like to know other people's view on this.
IANAL, but if a law is passed that prevents me from having the tools i need for my job as a security consultant, wouldn't that break my right to a profession, under the Constitution? (That's the Portuguese Constitution I'm specifically referring to, but most others will have similar content)
Moreover, if I am denied the tools to do my job in this country, what should i do? Get a new job, or just move? Jamaica seems like a nice place to go, and probably they're not really into signing treaties that hurt people's civil rights.
And in the long term? I'm not really worried about computer criminals, they're illegal right now and we have them in all countries, so those won't go away. But what about security specialists? Are the only security specialists left around in 2005 going to be from India, where their job is still legal? Or China? Or Russia?
Sorry, the browser you currently use is not supported by this site.
Funny... the message I get is The server is down or not responding...
-----
broadband, huh?
i guess that means we can SYN flood them a lot more...
at last we get to see exactly how fast Dreamcasts are... <evil grin/>
-----
wow! and to think you threw away a gleaming career in the Occult Arts of Divination to become a geek...
<smile/>
-----
but they seem to have been eaten by bugs :(
-----
I actually have a couple of sites running MSPS2, so i did know about the product, and (a bit) about the problem. But thanks for the info anyway :)
-----
http://www.huskiebrigade.com/insight/dean_98.htm
http://www.thefutureschannel.com/kamen_conversation.htm
And yes, it could well be a transportation device...
-----
> With that half an exception, I have yet to see a use of javascript that
> didn't boil down to advertising, laziness, incompetence, or showing off.
Hmmm... you should go out more.
-----
Hmmm... Now you mention it, isn't COBOL a fork of Assembly? Funny how MOVE LOW VALUES INTO A looks so much like LD (HL), #0000...
Well, Australia seems like a nice place to go...