ARRRGH!! you used the words "Java" and "Oracle" in the same paragraph.
Curses! as of Oracle 8.1.6.1.2 - you're stuck with JServer - you can delete its synonyms, shrink its shared pool, but it's still in there (the word inoperable comes to mind).
SQL*Plus: Release 8.1.6.0.0 - Production on Wed Sep 27 20:27:49 2000
(c) Copyright 1999 Oracle Corporation. All rights reserved.
Connected to:
Oracle8i Release 8.1.6.1.0 - Production
JServer Release 8.1.6.0.0 - Production
That's great that Oracle supports Java, but they shouldn't force it upon you (yes, I have to run Oracle). I think that Java is great for making body parts move rhythmically in a browser, but think that it does not belong in a database.
What about RAID 1 volumes?
I believe that if you have a mirror of the drive, you would have *many* of the installed images. Mirroring does not just imply one copy, as triple mirroring is common as a means of providing backups of 7 x 24 sites.
So generate these, then store the drives away for upgrade time - or not. I can't think of a bigger waste of resources than this.
mod this down.
Right. So burn Xtras and share them with your friends (and their friends). Pretty amazing how many mp3's (at 192 kb) fit onto a $0.65 CD-ROM. Like 10 CDs worth.
Finally an app that *NEEDS* a 1 GHz CPU - backups (on "Copying A DVD To A CD?", Score: 1)
yep, my dual PIII 550 box probably won't cut it.
When is AMD supporting SMP?
I'm still waiting for AMD SMP before next upgrade.
Own T1 line (residential)?
Game over dude - you win.
Are you setting up your own ISP?
Hosting a dedicated Quake III server at night?
Mirroring Metalab?
What would YOU do if you had your own T1?
(I have a cable modem, I know my cable modem, and my cable modem is no T1 ...).
thank you very much for the link.
21.7 KB/sec at 1:45 EST.
I hope that it's done by 8:30 AM
Thanks.
I've been meaning to take the Oracle Internet Appliance (8i with Sun Kernel) for a test drive also.
I have to ask - what filesystem are you using, and do you have an Oracle 8.1.6 test area available?
well, if you leave a default password open on a database that is publicly accessible, a simple (example) query against all_tab_columns such as
select table_name, column_name
from all_tab_columns
where column_name like '%CREDIT%'
or column_name like '%CC%'
or column_name like '%EXP_DATE%';
might turn up the table that contains all of the user credit cards, not just one at a time when they're entered.
and it would require a beowulf cluster to run it.
Seriously, can anything in Java run fast?
With a PIII 550, a sigma designs Hollywood decoder, a voodoo 3 3000 AGP card and a SoundBlaster Live! - I still get frames dropped.
No way would anything Java-based play a DVD - without lots of GHz.
What is the oversell ratio for business versus home usage? I'd bet that it's different by a factor of 10, if not more. Of course the ISP doesn't have 100mbps of capacity for each user - they probably have around 10 kbps allocated per home, at best. If your business's 1.54 Mbps T1 line (at $700/month) was oversold at a factor of 100, you would sever the contract and change providers immediately. (by oversold, I mean the amount of capacity of their OC-3 lines versus the combined sold capacity of their residential and commercial customers.) But there's no QOS (quality of service) for even commercial DSL, let alone residential.
It's not 100 MB - it's 100 Mbps.
Fast Ethernet over copper is 100 Megabit per second. Full duplex would be better, but it's not likely that each house would have a switched connection, at least early on. So shared topology means that one connection with a single good hard drive (say an ATA-100 or Ultra160/m) could still download at the full speed of the entire shared connection. With TCP/IP overhead figured in, that's only 10.6 MB/sec capacity - not much.
The Internet provider of 100mb connections should bundle a device such as a 5 port 10/100 switch that is capable of NAT/packet filtering and configure it as part of the installation.
Now, I'm not saying *require* it, just provide it as the default option. If the user has a *nix box for a firewall (Linux, *BSD, LRP), they should know that the ISP will be scanning the users' machines for known vulnerabilities (@Home does this). If you have services running beyond the acceptable use policy du jour, you risk termination.
Also, I assume that this would be an asymmetric connection. What home would *NEED* 100mb upload capacity? I can see wanting to serve your videos to friends and family - but that's going to be on a protocol that wouldn't be directed at some company on the net. In other words, set limits on certain protocols, like ICMP, that are used in DoS attacks.
I posted too late for anyone to read this anyway.
wow, I hadn't thought of that.
Yes, it's always NIMBY thinking until one's own account is compromised.
Looks like it's time for me to get a dedicated credit card for internet use with a smallish limit - apply principle of least privilege to one's own credit cards.
Yes, that solves it!
All SysAdmins should be required to read Slashdot for accurate info as to how best to secure their boxes and networks.
maybe not.
I bought someone a gift certificate card from Barnes and Noble. Until it is activated at the cash register via a transaction, it is just a plastic card with a magnetic strip. I can't see a clerk at a 7-11 as being able to activate more than 1 of these per minute. If 10 are generated within 10 minutes, it ought to generate a notice that an irregular event is taking place. What robber wants a holdup in a 7-11 to take 10 minutes?
When a redemption transaction is put through with the "stolen" disposable credit card, the local authorities and Fox's COPS and Deadliest Car Crashes would be notified for the ensuing car chase.
Up and at 'em.
that's because you can't tell if someone has issued the query
"select name,credit_card_num,exp_date
from web_user_info;"
once it has been flushed from the shared pool. If you noticed that something strange was going on, the DBA could pull the text of the recently issued queries from v$sqlarea and v$sqltext. Unless auditing is enabled (or logging is provided within the application), there is no record of queries issued against the database - it's just too much overhead for most apps.
Wrong.
Don't give the account that is on the webserver the "SELECT ANY TABLE" privilege.
create packages (stored procedures) on the Oracle Server that perform operations such as insert_cust_info and insert_cust_credit_card.
Don't use public synonyms on the Oracle Database.
In this manner, if (when) the webserver is cracked, the account that is now owned can only insert data. By storing customer credit card info in a separate table that only DBAs (and specific procedures) have access to - the compromise of the webserver does not allow the type of access that the hAx0r is looking for.
I believe that this is called "Principle of least privilege". Apply it.
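The setup described in the comment above, together with the auditing mentioned in the comment before it, as an added example that is not part of the original comments. The schema cust_owner, the account web_app, the table cust_credit_card, the USERS tablespace and the passwords are hypothetical; the procedure name and column names follow the ones used in the comments.

```sql
-- Added example. cust_owner, web_app, cust_credit_card, the USERS tablespace
-- and the passwords are hypothetical; run as a DBA.

-- 1. Schema that owns the card data. Locked: nobody logs in as the owner.
CREATE USER cust_owner IDENTIFIED BY "replace_me_1"
  DEFAULT TABLESPACE users QUOTA 50M ON users ACCOUNT LOCK;

-- 2. Card data lives in its own table, apart from general customer info.
CREATE TABLE cust_owner.cust_credit_card (
  cust_id         NUMBER        NOT NULL,
  credit_card_num VARCHAR2(19)  NOT NULL,
  exp_date        DATE          NOT NULL
);

-- 3. Insert-only entry point. It runs with the owner's rights (definer's
--    rights, the default), so the caller needs no privilege on the table.
CREATE OR REPLACE PROCEDURE cust_owner.insert_cust_credit_card (
  p_cust_id  IN NUMBER,
  p_card_num IN VARCHAR2,
  p_exp_date IN DATE
) AS
BEGIN
  INSERT INTO cust_owner.cust_credit_card (cust_id, credit_card_num, exp_date)
  VALUES (p_cust_id, p_card_num, p_exp_date);
END;
/

-- 4. Web server account: may connect and call the procedure, nothing else.
--    No SELECT ANY TABLE, no table grants, no public synonym; the
--    application calls cust_owner.insert_cust_credit_card by its full name.
CREATE USER web_app IDENTIFIED BY "replace_me_2";
GRANT CREATE SESSION TO web_app;
GRANT EXECUTE ON cust_owner.insert_cust_credit_card TO web_app;

-- 5. Record every read of the table (needs the AUDIT_TRAIL init parameter
--    set), so a bulk SELECT leaves a trace after it ages out of the shared pool.
AUDIT SELECT ON cust_owner.cust_credit_card BY ACCESS;

-- 6. Checks: expect only CREATE SESSION, only the EXECUTE grant, and no rows.
SELECT privilege FROM dba_sys_privs WHERE grantee = 'WEB_APP';
SELECT owner, table_name, privilege FROM dba_tab_privs WHERE grantee = 'WEB_APP';
SELECT synonym_name FROM dba_synonyms
 WHERE owner = 'PUBLIC' AND table_owner = 'CUST_OWNER';
```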
It's not just the fscking installer that's Java-based, but everything except for svrmgrl and sqlplus. The entire DBA studio, Oracle Enterprise Manager are Java-based - that's why you need 512 MB ram and 1 GHz in your desktop - to watch asinine rotating globe spin around. Assholes.
Have you ever tried to use DBA Studio over a dialup connection with remote control software?
The only way to do that is to use an ICA/RDP connection to the site's LAN to a Citrix server and run OEM from there.
Bastards.
"Get over it. You have no rights online."
(and the misspelling was intentional)
You have the right to purchase (rent) what we deem you should purchase at the price that we see fit.
You have the right to view/play/listen to that in the (destructible) formats that we sanction with playters that we sanction (extracted large participatory licensing fees from manufacturures) with no chance at archival or transformation of format.
PULL!
Fire away.
see you down in Arizona Bay.
File?
Get out the grinder! waste that metal in 5 seconds or less. better yet, use a grinding wheel for better control (holding the heat sink in your hands). Best thing ever to do with an old washing machine motor - turn it into a grinder.
How else do you keep your knives sharp? 8P
> I am a goat fucker.
that's it - no more goat cheese in my diet.
what's your point?
Yep,
ftp> ls -l
-rw------- 1 506 523 677361664 Aug 31 20:59 ulysses-inst.iso
Looks like anon users will have to wait.
Pd
I would have modded this up if I hadn't posted in this thread already.
(Viewing at -1 doing the mod thing ...)
Yes, Bastille's hardening scripts for RedHat will also work on Mandrake - but I don't know what it will do on the new versions ... ymmv
http://www.bastille-linux.org/
http://sourceforge.net/download.php/bastille-linux/Bastille-1.1.0.tgz