It's called "blind spoofing" and has been done successfully for a long time. Here's a link:
http://www.wbglinks.net/pages/reads/ipspoof/inrt ot oipspoofing.html
You are correct that up-to-date software which uses TCP-only and random sequence numbers will make this too difficult for a spammer to bother you. Not everyone's email software is current (I recently received some uucp-routed mail, for example. Haven't seen '!' in an address for quite a while).
My point was just that the source address is supplied by the source, not the destination end of the connection, and can (conceivably) be faked. I didn't want less knowledgeable people than you to be misled.
err... no. The sender puts the source address in an IP packet, the destination sends replies to that address. If the source doesn't care about the replies, it can just lie about the source address. There is no magic "caller ID" for telling the source address.
Some spam software forges source address and just sends packets at the right time so that some make it through the protocol.
Measuring the distance only requires you know the speed of light in a vacuum, which is fairly easy to measure. They were repeating Eddington's 1919 measurement of the deflection by a massive body. As Eddington wrote while developing the plates in Brazil:
Oh leave the Wise our measures to collate
One thing at least is certain, light has weight
One thing is certain and the rest debate
Light rays, when near the Sun, do not go straight.
The GPL purports to perform two tasks: pass along rights of usage, manipulation and distribution, and yet place restrictions on commercial manipulation. This "enforced sharing" has never really been done, and I think it is subject to some of the other questions about common licensing practices in software licensing.
Incorrect. The GPL is a copyright notice. It does not tell you anything about usage (as some EULAs attempt to do). It grants you a license to modify, copy and distribute the work, if you accept its terms. If you don't accept, you can still modify, just not copy and distribute. The GPL is far less problematic than the average EULA, and far more likely to stand court challenges (if backed by expensive-enough lawyers).
From your post, I can tell that your parents frequently beat you as a child, and that your neuroses have grown to your current distrust of scientific authority.
The 8008 was an 18-pin chip. I bought one for $125 when it first came out, and it was a royal pain to use, since the address, data, and startup mode were all folded onto the same pins. But when you added eight 1K DRAMs and all the glue logic, the computer was quite sophisticated. I don't remember the clock speed, but I'm sure it was less than 1 MHz.
The real chips that were used in many projects were the later 8080 and Motorola 6800 (and the 6502 copy of it in the days before hefty lawsuits).
The question of course is WHICH 50 million was 'wrong'
Obviously, it's the 17,472 Buchanan voters in Florida who were right, since they decided the outcome of the election. No, wait, I meant to vote for Nader, dammit.
Re:You're forgetting the 8 new GPRs on Athlon 64 Debuts · Score: 1
Because the new AMD64 instruction set includes 8 more general purpose registers...
How many instructions do you execute between context switches, where you have to save those 8 extra registers and reload different values? In I/O intensive apps (like database), pretty often. Sounds like could be a win, could be a loss. Depends.
Re:this is great but... on Athlon 64 Debuts · Score: 2, Insightful
I'm looking at a 1TB disk array. Since that's more than 2B blocks, I can't store the disk block address in a signed 32-bit number any more.
Barring that, what do I have that cries out for 64 bit arithmetic? Not much.
Also, try compiling the same app in 32-bit and 64-bit modes. The 64-bit app is a lot bigger and slower, since all the pointers doubled in size, so less code fits in cache, and I'm using more memory bandwidth.
The 16 to 32-bit conversion was forced, because it didn't take much of a problem to overflow a 16-bit number. The need for 64-bit hardware is a little less obvious.
Add in power and cost and I'm guessing that 32-bit hardware will continue to be sold for quite a while.
Wouldn't you think they would at least checksum the files to see if they've been tampered with? Or infected with a virus? It's clear they aren't taking even minimal precautions to ensure accurate results.
You're right and the above poster hit it right on the nose. From the AOL history site:
July 1993 - Jan Brandt starts sending AOL disks in the mail
That makes it pretty clear, doesn't it?
Some other VeriSign IP addresses
64.94.110.11 sitefinder-idn.verisign.com
65.205.249.60 www.verisign.net
216.168.253.68 digitalid.verisign.net
216.168.254.20 bay-w1-inf5.verisign.net
216.168.254.21 goldengate-w2-inf6.verisign.net
198.41.3.39 ns1.crsnic.net
Yeah, yeah, and Beta was better than VHS. Get over it.
You can take my Perl away when you pry it from my cold, dead keyboard.
Actually, it was a little earlier.
Founded in 1985, AOL initially offered limited online services for what was then a tiny market of personal-computer users...
Any "good" domain-based spam filter checks for the existence of the suffixed DN as well.
Not true. This would mean I should accept mail from "spammer.com" if ".com" exists? The sender is doing the wrong thing. They should not be sending mail from machine1.domain.com where machine1 is behind a firewall. In sendmail (and any other mail agent) it is trivial to rewrite the header to say the mail came from domain.com. After all, I can't reply to machine1.domain.com if it doesn't exist.
Personals
SWX, clean, non-smoking, looking for long term relationship. Willing to accommodate unusual formats. Cheap, but not easy.
ummm.. warrant? judge? 4th amendment to the US Constitution prohibiting unreasonable search and seizure?
If John Ashcroft wants to get a warrant every time he asks for my library records or to monitor my email, I'm all in favor. Let him.
The name Patriot Act is kind of ironic, since the American Patriots were the people who rebelled against an overly repressive regime.
So do what I did:
To: abuse@verisign.com
From:
Dear DNS administrators,
The mail server I am administering is experiencing a problem with spam. I have not gotten check_rcpt rule checks in the .com TLD since 9/15. All domains are now returning an A record, even though they are not registered domains. Please correct this error in your servers.
Thank you,
Since when does the US Congress decide what's in the whois database? As far as I know ARIN does whois for North America, Caribbean and Africa.
If you don't want to run a public server, don't get a public IP address, run behind NAT. If you want to connect to my server, then I should be able to contact you if someone on your system does something wrong.
Also, what percentage of the boxes that were hacked did the admin even detect? There are a lot of hacked Windows machines out there sending out viruses that the owners don't even realize are hacked. Where are the admin tools like /var/log/secure, last, tripwire?
ZoneAlarm? Please.
Amendment IV
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
Gee, sure looks kind of like privacy to me
Take this Jobs and shove it.
From the Apple website
It's your music, and you can listen to it however and wherever you want to.
Or do they simply believe nobody can prove otherwise?
Which part of innocent until proven guilty don't you understand? Until SCO comes up with evidence no-one "owes" anything. Nor can they force a license on you.
If I was a lawyer, would I be posting on /.?