Spamassassin is the last thing I use in my arsenal. It's too processor intensive. I use Mimedefang and sendmail checks as the first line of defense (spoofing, bad rcpt throttling, mail to system accounts, invalid helos, trustworthy RBL listings, etc.) On a typical day I *REJECT* about 5000 messages before going beyond 'HELO', 'MAIL FROM', and 'RCPT TO'. Of the rest that come though, I drop maybe 50 via spamassassin, and another 50 get flagged as spam. That's 100 things analyzed versus 5000.
If you are using nothing but SA and Bayes, you are doing it wrong.
I'd post this week's stats from my servers, but slashdot's junk character detector is a piece of shit.
They are compromising accounts now, using, in part, the data collected by the lulzsec breaches. I have several friends using yahoo who have now sent me spam messages. Their old tactics have been rendered ineffective by spam fighting efforts, so now they are doing this.
Oh, right, we'd rather take a magic pill (antivirus software) than do the right things to keep it from happening in the first place. Exercise and proper diet? No way! It's not my fault I'm fat!
Yes, but there are conservative configurations and best practices that avoid most of the problems. And Microsoft ignored these things for years. Even today, they think that inbound blocking on client systems not on a trusted domain is enough. You can go anywhere that there are windows clients (airports are great candidates), and you'll see all kinds of friggin' netbios broadcasts from machines that KNOW they are on an untrusted network. WHY?
My open AP sits on a segregated subnet. It is also running a captive portal. If you need to get into my private network, you must use a VPN client. If you want to browse freely on the Internet, you must authenticate to the captive portal.
It's a shame Sprint has abandoned the HPalm line. Hopefully it will gain traction on Verizon and ATT. No 'jailbreaking' necessary. The platform is open and easy to modify to your heart's content. HP actively recognizes, encourages, and works with the homebrew community.
Use openvpn, and lock down access to only those on the vpn network. If you don't mind spending $200, you can get a 3 port netgate loaded with pfsense. Put your wireless AP on the third interface.
- You had your own web page to identify yourself, and you advertised it in your mail.sig, usenet.sig, and IRC username - You used usenet, irc, and email to communicate and keep up to date with things. Your status was accomplished using finger
You were in control of your own data, and it all seemed to work rather well.
Then the general "I don't know how to use a computer" crowd came along, and people who knew some PHP found a way to make money off of them.
Why are you trying all of these solutions for the simple task of syncing your music?
rsync, and a little sed/awk to modify the playlists per device. Done. For consistent tagging and encoding, I use LAME. I'm still not into paying money for compressed music that likely isn't tagged or encoded the way I want to begin with.
That would have been when all services were exposed to the Internet, plaintext protocols were the norm, exploits were of the single-packet variety, etc.
This is why the new 'think of the children' TLD should have been.kids, not.xxx. Configure your transparent proxy to only allow connections from your child's computer to.kids domains. Done. Good luck filtering.com,.org,.net, etc.
HP's WebOS, for example. But even there, they have hybrid apps where you can use native APIs. On the desktop, why make your desktop just a big browser? Lame.
Speak for yourself. I grew up with usenet, ftp, and IRC. Actually ran the #mtb channel on EFNet for awhile. I first became interested in infosec by writing bots to defend the channel. Who knew it would turn into a career:-)
Windows APIs have no business in linux systems. And most intelligent companies, including the US military, and many fortune 500 companies, are already doing things on linux, using native linux tools. Even smaller shops, like the one I work for, get it.
One of the things that killed OS/2 was its ability to run windows better than windows. So, why write native OS/2 code?
Doing things the windows way on a linux platform instead of taking advantage of what makes linux linux is, to put it mildly, misguided.
Too much software is written without any thought as to how it fits within a process. Management tends to just throw technology at a problem, vs. first analyzing what they are trying to achieve and molding the software to that process to increase efficiency. Too often, software is chosen, and the business then molds their process around it, making things a pain in the ass for everybody except your "passionate" developers, who likely don't know a whole lot about the existing (or lack thereof) process. Retarded.
Slashdot Mirror
Spamassassin is the last thing I use in my arsenal. It's too processor intensive. I use Mimedefang and sendmail checks as the first line of defense (spoofing, bad rcpt throttling, mail to system accounts, invalid helos, trustworthy RBL listings, etc.) On a typical day I *REJECT* about 5000 messages before going beyond 'HELO', 'MAIL FROM', and 'RCPT TO'. Of the rest that come though, I drop maybe 50 via spamassassin, and another 50 get flagged as spam. That's 100 things analyzed versus 5000.
If you are using nothing but SA and Bayes, you are doing it wrong.
I'd post this week's stats from my servers, but slashdot's junk character detector is a piece of shit.
They are compromising accounts now, using, in part, the data collected by the lulzsec breaches. I have several friends using yahoo who have now sent me spam messages. Their old tactics have been rendered ineffective by spam fighting efforts, so now they are doing this.
So, for diseases, we focus on prevention.
Oh, right, we'd rather take a magic pill (antivirus software) than do the right things to keep it from happening in the first place. Exercise and proper diet? No way! It's not my fault I'm fat!
For those of you who don't understand the military's networks. And there are a lot of you, it seems.
http://en.wikipedia.org/wiki/SIPRNet
http://en.wikipedia.org/wiki/NIPRNet
http://en.wikipedia.org/wiki/Sigint
After the games the author played with the Adblock Plus extension, I simply cannot trust it.
http://adblockplus.org/blog/attention-noscript-users
Yes, but there are conservative configurations and best practices that avoid most of the problems. And Microsoft ignored these things for years. Even today, they think that inbound blocking on client systems not on a trusted domain is enough. You can go anywhere that there are windows clients (airports are great candidates), and you'll see all kinds of friggin' netbios broadcasts from machines that KNOW they are on an untrusted network. WHY?
My open AP sits on a segregated subnet. It is also running a captive portal. If you need to get into my private network, you must use a VPN client. If you want to browse freely on the Internet, you must authenticate to the captive portal.
It's a shame Sprint has abandoned the HPalm line. Hopefully it will gain traction on Verizon and ATT. No 'jailbreaking' necessary. The platform is open and easy to modify to your heart's content. HP actively recognizes, encourages, and works with the homebrew community.
http://www.webos-internals.org/wiki/Main_Page
Use openvpn, and lock down access to only those on the vpn network. If you don't mind spending $200, you can get a 3 port netgate loaded with pfsense. Put your wireless AP on the third interface.
http://store.netgate.com/Desktop-Systems-C83.aspx
*sigh*
We used to. See above.
I do often miss the 'old' Internet.
- You had your own web page to identify yourself, and you advertised it in your mail .sig, usenet .sig, and IRC username
- You used usenet, irc, and email to communicate and keep up to date with things. Your status was accomplished using finger
You were in control of your own data, and it all seemed to work rather well.
Then the general "I don't know how to use a computer" crowd came along, and people who knew some PHP found a way to make money off of them.
Why are you trying all of these solutions for the simple task of syncing your music?
rsync, and a little sed/awk to modify the playlists per device. Done. For consistent tagging and encoding, I use LAME. I'm still not into paying money for compressed music that likely isn't tagged or encoded the way I want to begin with.
Elementary spelling classes, too.
Sudo works.
More complexity breeds less security, so why do it?
This is like upstart coming along vs. sysv. Damn, I hate managing my ubuntu laptop and my phone.
That would have been when all services were exposed to the Internet, plaintext protocols were the norm, exploits were of the single-packet variety, etc.
This is why the new 'think of the children' TLD should have been .kids, not .xxx. Configure your transparent proxy to only allow connections from your child's computer to .kids domains. Done. Good luck filtering .com, .org, .net, etc.
It appears that the terrorists have won.
HP's WebOS, for example. But even there, they have hybrid apps where you can use native APIs. On the desktop, why make your desktop just a big browser? Lame.
I love living in a country where corporations write our laws.
And politicians. God, I hate career polititians. We need leaders, not politicians.
Speak for yourself. I grew up with usenet, ftp, and IRC. Actually ran the #mtb channel on EFNet for awhile. I first became interested in infosec by writing bots to defend the channel. Who knew it would turn into a career :-)
Mod this up.
Windows APIs have no business in linux systems. And most intelligent companies, including the US military, and many fortune 500 companies, are already doing things on linux, using native linux tools. Even smaller shops, like the one I work for, get it.
One of the things that killed OS/2 was its ability to run windows better than windows. So, why write native OS/2 code?
Doing things the windows way on a linux platform instead of taking advantage of what makes linux linux is, to put it mildly, misguided.
Too much software is written without any thought as to how it fits within a process. Management tends to just throw technology at a problem, vs. first analyzing what they are trying to achieve and molding the software to that process to increase efficiency. Too often, software is chosen, and the business then molds their process around it, making things a pain in the ass for everybody except your "passionate" developers, who likely don't know a whole lot about the existing (or lack thereof) process. Retarded.
Word Perfect's equation editor language kicked much ass as well.