Reread what you just posted.. We tried to use 2.4.19 with memory intensive processes and can only get the typical 2.8gigs of memory per process... 2.4.7 (with older memory manager) there are some minor changes you can make to get 3.5 gigs per process..
This might not seem like a big deal to average users, but when running simulations every bit of memory PER process helps, NOT just how much the kernel "sees"... Try it.. We have several machines with 4 gigs of physical memory and it's a pain to get it to use all 4 gigs (plus whatever swap we enable) PER process (again, not just what the kernel sees)...
Yes, no fud here... We received them directly from sun and started a pilot program (I'm talking about 1 hundred (100+) SunBlade 100's.. the first revision had alot of problems with the motherboards and also the memory.. They would lock up at random times.. It got to the point where I HAD to enable logging by default because of all the lock ups... The EU's (in this cause CAD/Layout people) would be stuck with a down machine costing company alot of money..
I guess the newer revisions are better, but overall I can honestly say the 100's still lock up the most out of all of our Sun's in general..
Yes and I understand that the SunBlade were supposed to fill the light desktop void that Sun never filled.. And yes I understand it was supposed to be the cheaper solution.. but I think they initially cut a little too much out...
Patching and enabling logging helped, but overall I wouldn't recommend a Sunblade.. In this case I would buy an ultra 2 off of ebay.. heck, even a descent dual Ultra 60 would cost about the same and I would buy one of those over a SunBlade 100...
As I said in my other post, We can buy PCs for CPU power that Blow away even new suns..
Secondly you could buy a brand new 2ghz machine that'll have IDE but still beat a dual ultra 2 machine for 425.00 (what the auction ended at)...
BTW, Ultra 10 has IDE pal, so no scsi defense on that one...
Also what happens if sun goes out of business tomorrow (yeah, small chance but still) Or they decide to stop supporting the equipment... (IPX's are no longer supported on solaris 8 even)
Also what happens if something breaks on it? Have to wait to go on ebay and buy a new part and wait for the auction to end...
And finally if you're a large coportation and worried that much about resale value you could always lease equipment, whether you lease PCs or Sun's it doesnt matter...
For the small time user, as long as you don't buy bleeding edge you don't loose much on your investment.. and I really don't think an Ultra 2 is bleeding edge either...
We still use ultra 2's where I work, but typically they aren't purchasing any new ones... Most of our farm equipment is all newer, faster stuff such as Blade 1000's and Sunfire 280R's
Also, Please stay away from the Sunblade 100's.. that was Sun's attempt to "save YOU money".. hah...
Well, with certain tools we experience great performance compared to say a SunBlade 1000 (no and I didn't mean to say 100, I meant 1000)... The same tools running on a dual 2.4 gigz machine are almost twice as fast (take 1/2 the time to run) compared to a SunBlade 1000.. the only problem is the 32 bit memory addressing. Processes running under 3.5 gigs are prefect for linux, however anything over that the linux machines can't even run. But for the small jobs PC running linux are a lot faster, plus they are about 1/4 of the price of a Sun Blade 1000 (and these are PCs that are fully loaded, ie all scsi, 4 gigs of memory and only cost 1/4 of what a sunblade 1000 costs). So in the long run throughput may not be AS good but in this instance the CPU time gained makes up for the bus throughput...
So I agree that x86 Solaris isn't that good overall but do not generalize and say that in every case Any modern sun system is better than a PC... I can provide examples of specific instances where a PC running linux is much faster..
1. I live in country, no large GOOD radio stations.. And since I'm in the country I'm always in my car
2) I have a 30 minute commute, listen to traffic for 5 mins then have 25 more minutes to listen to good (and honest to god) NEW music without having some idiot rattle on and on about what they are playing..
3) Since I'm in the country all my friends live atleast 30 mins to 1 hour away.. not exactly long trips but the XM radio makes them go alot quicker.
4) I have a fairly large music collection myself at home and yes, even some MP3's I downloaded.. Secondly I don't have digital cable because I'm really thinking it's a complete rip off.. Something along the lines of 50 Bucks for the same old crap on normal cable BUT with music channels (I get the music channels on XM for a lot less).
There yah go.. This here hick boy really enjoys listening to the music I want to when I want to.. I can tune in on 3 different types of trance/techno music and also listen to Alternative with a quick flip of the button.. It's all relative and I suggest keeping a slightly more open mind.. never know when you'll get fired and have to move out in the good ol' country...
but thats the problem.. don't compare this to houses.. First of all, yes, my address is public, but I'm definitely NOT running any services on it.. there is no sign out front saying I'm "Open for Business".
> If I have not advertised my service as a public service, then keep the hell out.
Then how the hell am I supposed to know what is and what isn't public?? If I can't find it on google that means I can't access it? Who are you to say that I don't want Joe Shmoe accessing MY site?
AND, like a STORE, people advertise that they are a service.. On the Internet you DON'T have that.. because port 80 is open you assume they are offering a service (which is unlike your house). Basically I'm saying that no, it's NOT right to break into a machine (Duh), but thats not my point.. You are offering a service and you need to be more secure than your house... common sense says this.
I don't believe anyone said only kids break into systems. I think the claim was that if it was a younger person breaking in, then they should be treated as one and not be treated as a terrorist.
Also, what about the person in a foreign country who can't even be caught..
I believe it would be your responsibility to watch over yourself if it's out of governments hands entirely.. Perhaps thats why they are labelling them as terrorists.. so our government can handle them accordingly (unfortunately children are now labelled terrorists as well).
Whoever and however it happens it's still your overall problem, isn't it? So basically you could patch and monitor your systems, or sit back and pay no attention and have them break in.. either way you'll have to do "work" and one just might make you look better than the other when pay raises come.
And for the people who do break into your house?? What about them?
And why do people continuously use the comparison of house being broken into and computers being broken into. They are different things... I compare Inet sites to stores.. they are both offering a public service.. they require more attention than a house since a house offers no public services and less security is needed. It's like running a business from your home... even then people use more security at their homes..
And finally, morality is a common sense thing and you may be a perfect moral citizen who does no wrong, but some kids growing up in weird situations have less moral convictions.. I'm not at all defending their acts nor support them, but keep an open mind. I'm all for giving them hard sentences, but strong jail time and fines might not be the correct punishment. Afterall, they'll just end up stealing more to pay for fines, etc..
No, it's on the inet, it's offering a service to the public (if it wasn't it should be on a private subnet and/or firewalled closed).
I'm saying that you are offering a service just like a store would and they take MORE initiatives to stop people from breaking in. Basically, they expect "evil" people because they are open to the public offering their services.. you're comparing a house to a store (normal house doesn't offer anything to public, hence security doesn't need to be at a different standard).
So however they crack your box, because you're offering a service (Whether telnet, www or whatever else) you need to provider yourself with a level of security thats HIGHER than normal, otherwise (as you pointed out in your other post) your company loses money, because those services are no longer available.
Basically I'm saying, it's on the inet then you are responsible for it and since you're offering a service, you even have more responsibilities to watch over.
The difference is they are running a PUBLIC service, so really don't compare it to your house or car, it just doesn't work that way... It's similar to defacing a general store or a Mall or something similar. Basically the invasion of privacy isn't on the level which you speak of. This does not make it "ok" to deface the web page, but please don't compare it to someone "breaking in" to your house, it's a weak argument. Even on a private machine on your dsl connection running apache.. It's a PUBLIC URL, it's supposed to be accessed by all... otherwise, how am I to determine I'm not allowed to connect to it before I even connect to it?? I'm not a mind reader.
Second of all, Public places are responsible for public safety and also security. They provide a public service and need to monitor themselves. So, yes, they have locked doors and other safety measures. If you were selling stuff from your house, or providing a public service from your house I'd expect slightly better security than a normal "everyday" house.
I can't agree with you more.. Sometimes I wonder if he says stuff just to piss people off so they write more.. You know, like on MSNBC and foxnews, they have arrogent, self-centered reporters just saying crap that pisses you off just so you watch it more. Then you have the extreme people who completely agree with the comment as well.. meaning that they have the attention of everyone... Like other big media, slashdot needs to get users and attention.. these 2 players equal large revenue, so next time one of the editors writes something you don't agree with, just blow them off, otherwise when you click the submit button realize you're just putting money in their pockets.
(And yes, I know I posted, but trying to get my point across to not to support them entirely)..
When I used svideo out before you needed a monitor to see what was on the screen before windows loaded.. after that you could select svideo out and let the display appear on the screen.. the only thing is, would i have to setup/install the machine on a normal monitor first then connect to a tv or vcr? in other words, can I just use the svideo out? or do I still need a monitor for reboots and such? would be nice if I only needed the tv for output, no need for a monitor at all..
Fine, lets get away from the hacking problems (Yes, we can all agree hacking and trying to bust through firewalls SHOULD be illegal).. what about a Telnet session that has a free BBS type style to it? How am I supposed to know if that system WANTS guest accounts.. (And yes, I used to run one a little while for fun).
Second of all, why wouldnt a company want maybe a VB app that runs via ssh tunnel that connects to a public sql database?? DO we know that the records are public knowledge?
I just wish WWW wasn't the only acceptable "Click and forget" internet service.. After all, the internet isn't just WWW, it's comprised of many DIFFERENT services that are provided by colleges, universities and businesses... I remember when a shell account and slirp and you could go anywhere any NOT have to worry about being logged and turned into feds..
SO bottom line, NO I can't read the minds of the server admins and see if they allow guest accounts to a BBS style telnet session.. And I have to make an initial connection to even see if they allow that...
Ok, so basically a TCP/IP port is open on both ends and they sit idle until client makes request..
good point.. or is it? Now the client doesnt even know what service he or she is connected to and there is no formal notification.. but lets get away just from SQL specific problems..
The main concern is using/abusing services here.. none of us want to get hacked, right? Security is key here.. but why should this be left up to the client to decide.. People actually do share wingates (however, this has to be one of the most abused instances around)... the fact remains, just because SOME people do not want to share their services, but don't want to have to monitor them doesn't make it right, nor does hacking these services) But/etc/services is just that.. they provide connections for clients and it's up to server to monitor who connects. And if the company decides to have them open, then fine.. but how can we know before connecting? Like I said in previous post, they may wany guests to connect to a BBS type telnet system and or SQL connection via a VB application on a ssh session...
yeah and there is usually a sign that says "by appointment only"... otherwise you'll have alot of people being annoying most of the day if you don't want to be interrupted.
point still being that why is port 80 WWW acceptable to just browse in on? What about MUDS on different ports? what about telnet BBS type systems.. those hosts WANT telnet connections to come in.. I actually ran a telnet style bbs where you could login as guest and post messages and such... I think this taboo about other services is stupid.. SQL should be up with NFS, telnet and WWW in my opinion.. ALL of these protocols/rfc's ARE the internet..
BUT again I stress my main point, I'm against hacking attempts, like busting firewalls and such..
if you don't want to provide a service for all, then I think its up to you to limit it? After all, honestly, how am I supposed to know whether or not to connect? (before I get a Welcome message).
Would you trust your bank to keep your MAC card without a pin? Same deal.. If it's supposed to be secure then it should be otherwise all bets are off.. My point is, if it has a warning message not to use it, you still need to make the initial connection to test (which you pointed out), but if the machine has open services why not use them? Sure get permission sometimes, but if WWW is open, why not use other services.. I mean, legit as well, I'm not refering to hacking attempts (random port scans on an entire subnet, just plain abuse and not "common sense use").. For instance an SQL database with album titles for instance... why not use it if it's a legit service. If I were to login to an account without any prior notification and had root, of course I'd logoff, IF it had the message.. but I would be upset if I got in trouble after the fact, because I didn't see the message until After I logged in.
Basically, I don't trust anyone with my services if I dont want them to have access.. however, if I want a service available, I open it up.. I dont see how this is different than the real world (regarding businesses).. They want the service open then they provide it otherwise you get nothing for free =)
We follow hyper-links without question to port 80 on machines, what is different about other services? Just because WWW is slightly more common people are laxed with it, but I wish other services were regarded the same way (either off or on with security). you could configure browser for telnet:// but that would still be taboo i guess... I mean, dont get me wrong, I'm against hacking attempts here.. but legit use of open services should be acceptable, no? Whether sql or telnet.. and if the original company had sql open and I wasn't hacking around, whats the problem? Just like opening port 80 and viewing... just my thoughts tho...
> When I was a SysAdmin at a big company, we had "greeting" messages that were written by the legal dept just for this purpose. They were warnings about unauthorized access.
well, how the hell can you get a greeting message unless you you already connected? If you connect and get the message you are already violating the warning... please explain the legality of that? It's doing something you thought would be prefectly legal elsewhere (like a telnet connection) then finding out after the fact.. almost seems like entrapment...
What? I'm not trying to be mean here, but what DON'T you get? The car example is very weak? Since when is putting 20 bucks on your dash of you car a public/commerical service? Then trying to relate it to a commerical example of a bank or sql service??
Fine, if we make the relationship, if they didn't want PUBLIC access on a service (SIMILAR TO HTTP, as we can see from the other posters) then they should make note that no users are allowed in the area. There isn't an invitation on the desk, but also there is a "closed off" area that strictly is against customer eyes, unless a clerk is with you. If you don't believe me, then I would go check your bank.. if they let customers roam freely I think I'll make a withdraw from your account (or cancel my account if its at the same bank).. Second of all, banks are LOADED with camera's.. Just try to walk away with it. This camera idea could be compared to LOGGING on the system as well. The bank can see who comes and goes.. just as any other PUBLIC service at a commerical store.
Next time you're standing outside a store, please don't enter unless you get the official "ok".. heaven forbid you enter a store without checking first.
But if you think stealing money from cars and also snooping at banks is YET another public service comparison, you sir live in another world...
However, if they had a terminal available in bank that would reference everyone's account, you would use it no? (I'm not askin about the moral question here, but just the sake of useage). But you see banks DON'T OFFER that PRIVATE service.. It's one thing to offer it to a select group as well, but in this case, sql is open to everyone.. no "bank" clients are refused access. So you're argument had no point because banks don't offer that service or if they do, it's highly restricted, (ie: firewalls in this comparison of bank and server access). So my original point stands its ground.. if the service is offered (in this case sql) publicly, then why is it considered "breaking in"? It's just another service offered. But you're point is that the service isnt even offered? Then it's not a public service..
If you search down below I made a comment on this same arguement... while I don't believe it's a good comparison I'll try to argue my point.
I believe that if it's a commerical company they are responsible for their clients protection.. And like a bank they need to put in the necessary guards and limits on what can be done on their system.. Since they are a company that's on the internet, they are offering services that are available for the public. If no issue is made on connection attempts then why is it "breaking" in? if you want to make a comparison to house example, it would be like me walking in a store.. If the store is closed, (ie: firewall) the door will be locked and I won't be allowed in... However, there is no reason I can't walk in normally and use their services (if payment is necessary as well).
I believe that home dsl connections are a slightly different case.. We honestly don't know the who, what where and how.. But commerical sites offering services should be allowed.. It's like my commerical site hosting dns.. other places use my dns Service... it would be like saying "You can use my dns which is openly available without any protection, but heavens stay away from my other openly available services". And how is making use of one service "ok" and another not? (don't make a weak comparison that its going in and taking money out of register, it's comparing it to using the weights and the pool at a gym, where the weights are dns and pool is sql).
Well, is this 'law' you speak of valid for every country? Just because this is a US based law (is it even one? which law is it?) doesn't mean it applies to servers in Iraq.
Second of all, I've used many services I was never officially authorized to use. I'm not claiming negligence here either, but when do I need to have authorization to enter a store? No forms to sign, no initial agreement.. Second of all, to check if I need authorization I have to make an initial connection to begin with...
last of all, any more DNS queries coming from your domain will be considered trespassing and you'll be fined... so stop all the 'nslookups'.. this is just another service you're illegally using.
I replied to someone who said the same thing up above... I wouldn't compare this to a home.. this is a commerical establishment and they are responsible for protecting their clients. I don't condone breaking in and messing up stuff, just as I wouldn't condone breaking into a bank.
However... If the commerical establishment is offering a service similar to a bank or grocery store then why is it not legal to use it? No where is it stated against its useage nor for it. But a commerical store usually says nothing as well.. Stores are open to general public unless noted (by a security guard, sign or a large electric fence with a high pitched buzzing sound). This could be comparable to a firewall or something similar. My point being is, let's not compare this to say someone's home dsl connection, but an actual company providing content for people to use.. (home being open window one someone's house versus a commerical store with open access). There are alot of databases open to public as we speak.. example might be the database with all the albums made.. (winamp, windows media player use it).
Just a thought, but I think the open house window example is kinda weak when comparing it to technology.. it's a different realm...
Just a quick thought, is it illegal to make simple sql queries to a site openly on the internet? It would be similar to a telnet connection.. I've telneted to places for the simple fact that I was first telnetted to from them..
I've heard of comparisons of this with ppl snooping around a house with unlocked doors.. Well, I wouldn't make that comparison.. I'd say it's closer to a service being offered like a bank or supermarket.. Their doors are open and they are providing a service that doesn't even need to be munipulated/hacked.. And when they don't want to provide the service they lock up shop.. My long stupid point being that if they offer sql services like a couple of ppl (even the music database sites offer stuff like this) then it's a service that you should be able to access legally.. Now circumventing firewalls and spoofing should be illegal.
and I believe the original poster said that the site had easy access to database info (without hacking or being malicious). Food for thought anyways, otherwise I think that yes, he should just walk away from these guys...
Ok, so I boycott them and give someone else my business right? Well, thats the problem.. Who else is there in my area for broadband access that would be competition?? So here is big Corporation X laughing at me, telling me they don't care what I have to say anyways, cause there is NO one else to turn to for business...
I think there inlines the regulation part. There is no choice for me and the price I have to pay. I'd love to switch providers and get away from this PPPoE crap that Linux doesn't much like (it works, just a pain).
And no, I don't trust my government, but when did this become an excuse as well? They are supposed to represent us but I hope I don't give the impression of greed, abuse and corruption.
What I'd like to see is a middle ground (maybe a little govenrment involvement.. maybe some funding of sorts) and then let things even out... Once competition is avaliable, then no government action is needed at all...
Yah know what, you're right, but neither is T.V. but man, imagine if people couldn't get cable T.V. in their area anymore (I'm just playing around here.. I know alot of people dont have cable yet) But I could see all the people Screaming "Jerry Jerry" outside the Whitehouse cause they couldn't get their springer.
Slashdot Mirror
Reread what you just posted.. We tried to use 2.4.19 with memory intensive processes and can only get the typical 2.8gigs of memory per process... 2.4.7 (with older memory manager) there are some minor changes you can make to get 3.5 gigs per process..
This might not seem like a big deal to average users, but when running simulations every bit of memory PER process helps, NOT just how much the kernel "sees"... Try it.. We have several machines with 4 gigs of physical memory and it's a pain to get it to use all 4 gigs (plus whatever swap we enable) PER process (again, not just what the kernel sees)...
Yes, no fud here... We received them directly from sun and started a pilot program (I'm talking about 1 hundred (100+) SunBlade 100's.. the first revision had alot of problems with the motherboards and also the memory.. They would lock up at random times.. It got to the point where I HAD to enable logging by default because of all the lock ups... The EU's (in this cause CAD/Layout people) would be stuck with a down machine costing company alot of money..
I guess the newer revisions are better, but overall I can honestly say the 100's still lock up the most out of all of our Sun's in general..
Yes and I understand that the SunBlade were supposed to fill the light desktop void that Sun never filled.. And yes I understand it was supposed to be the cheaper solution.. but I think they initially cut a little too much out...
Patching and enabling logging helped, but overall I wouldn't recommend a Sunblade.. In this case I would buy an ultra 2 off of ebay.. heck, even a descent dual Ultra 60 would cost about the same and I would buy one of those over a SunBlade 100...
As I said in my other post, We can buy PCs for CPU power that Blow away even new suns..
Secondly you could buy a brand new 2ghz machine that'll have IDE but still beat a dual ultra 2 machine for 425.00 (what the auction ended at)...
BTW, Ultra 10 has IDE pal, so no scsi defense on that one...
Also what happens if sun goes out of business tomorrow (yeah, small chance but still) Or they decide to stop supporting the equipment... (IPX's are no longer supported on solaris 8 even)
Also what happens if something breaks on it? Have to wait to go on ebay and buy a new part and wait for the auction to end...
And finally if you're a large coportation and worried that much about resale value you could always lease equipment, whether you lease PCs or Sun's it doesnt matter...
For the small time user, as long as you don't buy bleeding edge you don't loose much on your investment.. and I really don't think an Ultra 2 is bleeding edge either...
We still use ultra 2's where I work, but typically they aren't purchasing any new ones... Most of our farm equipment is all newer, faster stuff such as Blade 1000's and Sunfire 280R's
Also, Please stay away from the Sunblade 100's.. that was Sun's attempt to "save YOU money".. hah...
Well, with certain tools we experience great performance compared to say a SunBlade 1000 (no and I didn't mean to say 100, I meant 1000)... The same tools running on a dual 2.4 gigz machine are almost twice as fast (take 1/2 the time to run) compared to a SunBlade 1000.. the only problem is the 32 bit memory addressing. Processes running under 3.5 gigs are prefect for linux, however anything over that the linux machines can't even run. But for the small jobs PC running linux are a lot faster, plus they are about 1/4 of the price of a Sun Blade 1000 (and these are PCs that are fully loaded, ie all scsi, 4 gigs of memory and only cost 1/4 of what a sunblade 1000 costs). So in the long run throughput may not be AS good but in this instance the CPU time gained makes up for the bus throughput...
So I agree that x86 Solaris isn't that good overall but do not generalize and say that in every case Any modern sun system is better than a PC... I can provide examples of specific instances where a PC running linux is much faster..
1. I live in country, no large GOOD radio stations.. And since I'm in the country I'm always in my car
2) I have a 30 minute commute, listen to traffic for 5 mins then have 25 more minutes to listen to good (and honest to god) NEW music without having some idiot rattle on and on about what they are playing..
3) Since I'm in the country all my friends live atleast 30 mins to 1 hour away.. not exactly long trips but the XM radio makes them go alot quicker.
4) I have a fairly large music collection myself at home and yes, even some MP3's I downloaded.. Secondly I don't have digital cable because I'm really thinking it's a complete rip off.. Something along the lines of 50 Bucks for the same old crap on normal cable BUT with music channels (I get the music channels on XM for a lot less).
There yah go.. This here hick boy really enjoys listening to the music I want to when I want to.. I can tune in on 3 different types of trance/techno music and also listen to Alternative with a quick flip of the button.. It's all relative and I suggest keeping a slightly more open mind.. never know when you'll get fired and have to move out in the good ol' country...
but thats the problem.. don't compare this to houses.. First of all, yes, my address is public, but I'm definitely NOT running any services on it.. there is no sign out front saying I'm "Open for Business".
> If I have not advertised my service as a public service, then keep the hell out.
Then how the hell am I supposed to know what is and what isn't public?? If I can't find it on google that means I can't access it? Who are you to say that I don't want Joe Shmoe accessing MY site?
AND, like a STORE, people advertise that they are a service.. On the Internet you DON'T have that.. because port 80 is open you assume they are offering a service (which is unlike your house). Basically I'm saying that no, it's NOT right to break into a machine (Duh), but thats not my point.. You are offering a service and you need to be more secure than your house... common sense says this.
I don't believe anyone said only kids break into systems. I think the claim was that if it was a younger person breaking in, then they should be treated as one and not be treated as a terrorist.
Also, what about the person in a foreign country who can't even be caught..
I believe it would be your responsibility to watch over yourself if it's out of governments hands entirely.. Perhaps thats why they are labelling them as terrorists.. so our government can handle them accordingly (unfortunately children are now labelled terrorists as well).
Whoever and however it happens it's still your overall problem, isn't it? So basically you could patch and monitor your systems, or sit back and pay no attention and have them break in.. either way you'll have to do "work" and one just might make you look better than the other when pay raises come.
And for the people who do break into your house?? What about them?
And why do people continuously use the comparison of house being broken into and computers being broken into. They are different things... I compare Inet sites to stores.. they are both offering a public service.. they require more attention than a house since a house offers no public services and less security is needed. It's like running a business from your home... even then people use more security at their homes..
And finally, morality is a common sense thing and you may be a perfect moral citizen who does no wrong, but some kids growing up in weird situations have less moral convictions.. I'm not at all defending their acts nor support them, but keep an open mind. I'm all for giving them hard sentences, but strong jail time and fines might not be the correct punishment. Afterall, they'll just end up stealing more to pay for fines, etc..
No, it's on the inet, it's offering a service to the public (if it wasn't it should be on a private subnet and/or firewalled closed).
I'm saying that you are offering a service just like a store would and they take MORE initiatives to stop people from breaking in. Basically, they expect "evil" people because they are open to the public offering their services.. you're comparing a house to a store (normal house doesn't offer anything to public, hence security doesn't need to be at a different standard).
So however they crack your box, because you're offering a service (Whether telnet, www or whatever else) you need to provider yourself with a level of security thats HIGHER than normal, otherwise (as you pointed out in your other post) your company loses money, because those services are no longer available.
Basically I'm saying, it's on the inet then you are responsible for it and since you're offering a service, you even have more responsibilities to watch over.
The difference is they are running a PUBLIC service, so really don't compare it to your house or car, it just doesn't work that way... It's similar to defacing a general store or a Mall or something similar. Basically the invasion of privacy isn't on the level which you speak of. This does not make it "ok" to deface the web page, but please don't compare it to someone "breaking in" to your house, it's a weak argument. Even on a private machine on your dsl connection running apache.. It's a PUBLIC URL, it's supposed to be accessed by all... otherwise, how am I to determine I'm not allowed to connect to it before I even connect to it?? I'm not a mind reader.
Second of all, Public places are responsible for public safety and also security. They provide a public service and need to monitor themselves. So, yes, they have locked doors and other safety measures. If you were selling stuff from your house, or providing a public service from your house I'd expect slightly better security than a normal "everyday" house.
I can't agree with you more.. Sometimes I wonder if he says stuff just to piss people off so they write more.. You know, like on MSNBC and foxnews, they have arrogent, self-centered reporters just saying crap that pisses you off just so you watch it more. Then you have the extreme people who completely agree with the comment as well.. meaning that they have the attention of everyone... Like other big media, slashdot needs to get users and attention.. these 2 players equal large revenue, so next time one of the editors writes something you don't agree with, just blow them off, otherwise when you click the submit button realize you're just putting money in their pockets.
(And yes, I know I posted, but trying to get my point across to not to support them entirely)..
When I used svideo out before you needed a monitor to see what was on the screen before windows loaded.. after that you could select svideo out and let the display appear on the screen.. the only thing is, would i have to setup/install the machine on a normal monitor first then connect to a tv or vcr? in other words, can I just use the svideo out? or do I still need a monitor for reboots and such? would be nice if I only needed the tv for output, no need for a monitor at all..
Second of all, why wouldnt a company want maybe a VB app that runs via ssh tunnel that connects to a public sql database?? DO we know that the records are public knowledge?
I just wish WWW wasn't the only acceptable "Click and forget" internet service.. After all, the internet isn't just WWW, it's comprised of many DIFFERENT services that are provided by colleges, universities and businesses... I remember when a shell account and slirp and you could go anywhere any NOT have to worry about being logged and turned into feds..
SO bottom line, NO I can't read the minds of the server admins and see if they allow guest accounts to a BBS style telnet session.. And I have to make an initial connection to even see if they allow that...
good point.. or is it? Now the client doesnt even know what service he or she is connected to and there is no formal notification.. but lets get away just from SQL specific problems..
The main concern is using/abusing services here.. none of us want to get hacked, right? Security is key here.. but why should this be left up to the client to decide.. People actually do share wingates (however, this has to be one of the most abused instances around)... the fact remains, just because SOME people do not want to share their services, but don't want to have to monitor them doesn't make it right, nor does hacking these services) But /etc/services is just that.. they provide connections for clients and it's up to server to monitor who connects. And if the company decides to have them open, then fine.. but how can we know before connecting? Like I said in previous post, they may wany guests to connect to a BBS type telnet system and or SQL connection via a VB application on a ssh session...
point still being that why is port 80 WWW acceptable to just browse in on? What about MUDS on different ports? what about telnet BBS type systems.. those hosts WANT telnet connections to come in.. I actually ran a telnet style bbs where you could login as guest and post messages and such... I think this taboo about other services is stupid.. SQL should be up with NFS, telnet and WWW in my opinion.. ALL of these protocols/rfc's ARE the internet..
BUT again I stress my main point, I'm against hacking attempts, like busting firewalls and such..
if you don't want to provide a service for all, then I think its up to you to limit it? After all, honestly, how am I supposed to know whether or not to connect? (before I get a Welcome message).
Would you trust your bank to keep your MAC card without a pin? Same deal.. If it's supposed to be secure then it should be otherwise all bets are off.. My point is, if it has a warning message not to use it, you still need to make the initial connection to test (which you pointed out), but if the machine has open services why not use them? Sure get permission sometimes, but if WWW is open, why not use other services.. I mean, legit as well, I'm not refering to hacking attempts (random port scans on an entire subnet, just plain abuse and not "common sense use").. For instance an SQL database with album titles for instance... why not use it if it's a legit service. If I were to login to an account without any prior notification and had root, of course I'd logoff, IF it had the message.. but I would be upset if I got in trouble after the fact, because I didn't see the message until After I logged in.
Basically, I don't trust anyone with my services if I dont want them to have access.. however, if I want a service available, I open it up.. I dont see how this is different than the real world (regarding businesses).. They want the service open then they provide it otherwise you get nothing for free =)
We follow hyper-links without question to port 80 on machines, what is different about other services? Just because WWW is slightly more common people are laxed with it, but I wish other services were regarded the same way (either off or on with security). you could configure browser for telnet:// but that would still be taboo i guess... I mean, dont get me wrong, I'm against hacking attempts here.. but legit use of open services should be acceptable, no? Whether sql or telnet.. and if the original company had sql open and I wasn't hacking around, whats the problem? Just like opening port 80 and viewing... just my thoughts tho...
> When I was a SysAdmin at a big company, we had "greeting" messages that were written by the legal dept just for this purpose. They were warnings about unauthorized access. well, how the hell can you get a greeting message unless you you already connected? If you connect and get the message you are already violating the warning... please explain the legality of that? It's doing something you thought would be prefectly legal elsewhere (like a telnet connection) then finding out after the fact.. almost seems like entrapment...
Fine, if we make the relationship, if they didn't want PUBLIC access on a service (SIMILAR TO HTTP, as we can see from the other posters) then they should make note that no users are allowed in the area. There isn't an invitation on the desk, but also there is a "closed off" area that strictly is against customer eyes, unless a clerk is with you. If you don't believe me, then I would go check your bank.. if they let customers roam freely I think I'll make a withdraw from your account (or cancel my account if its at the same bank).. Second of all, banks are LOADED with camera's.. Just try to walk away with it. This camera idea could be compared to LOGGING on the system as well. The bank can see who comes and goes.. just as any other PUBLIC service at a commerical store.
Next time you're standing outside a store, please don't enter unless you get the official "ok".. heaven forbid you enter a store without checking first.
But if you think stealing money from cars and also snooping at banks is YET another public service comparison, you sir live in another world...
However, if they had a terminal available in bank that would reference everyone's account, you would use it no? (I'm not askin about the moral question here, but just the sake of useage). But you see banks DON'T OFFER that PRIVATE service.. It's one thing to offer it to a select group as well, but in this case, sql is open to everyone.. no "bank" clients are refused access. So you're argument had no point because banks don't offer that service or if they do, it's highly restricted, (ie: firewalls in this comparison of bank and server access). So my original point stands its ground.. if the service is offered (in this case sql) publicly, then why is it considered "breaking in"? It's just another service offered. But you're point is that the service isnt even offered? Then it's not a public service..
I believe that if it's a commerical company they are responsible for their clients protection.. And like a bank they need to put in the necessary guards and limits on what can be done on their system.. Since they are a company that's on the internet, they are offering services that are available for the public. If no issue is made on connection attempts then why is it "breaking" in? if you want to make a comparison to house example, it would be like me walking in a store.. If the store is closed, (ie: firewall) the door will be locked and I won't be allowed in... However, there is no reason I can't walk in normally and use their services (if payment is necessary as well).
I believe that home dsl connections are a slightly different case.. We honestly don't know the who, what where and how.. But commerical sites offering services should be allowed.. It's like my commerical site hosting dns.. other places use my dns Service... it would be like saying "You can use my dns which is openly available without any protection, but heavens stay away from my other openly available services". And how is making use of one service "ok" and another not? (don't make a weak comparison that its going in and taking money out of register, it's comparing it to using the weights and the pool at a gym, where the weights are dns and pool is sql).
Second of all, I've used many services I was never officially authorized to use. I'm not claiming negligence here either, but when do I need to have authorization to enter a store? No forms to sign, no initial agreement.. Second of all, to check if I need authorization I have to make an initial connection to begin with...
last of all, any more DNS queries coming from your domain will be considered trespassing and you'll be fined... so stop all the 'nslookups'.. this is just another service you're illegally using.
However... If the commerical establishment is offering a service similar to a bank or grocery store then why is it not legal to use it? No where is it stated against its useage nor for it. But a commerical store usually says nothing as well.. Stores are open to general public unless noted (by a security guard, sign or a large electric fence with a high pitched buzzing sound). This could be comparable to a firewall or something similar. My point being is, let's not compare this to say someone's home dsl connection, but an actual company providing content for people to use.. (home being open window one someone's house versus a commerical store with open access). There are alot of databases open to public as we speak.. example might be the database with all the albums made.. (winamp, windows media player use it).
Just a thought, but I think the open house window example is kinda weak when comparing it to technology.. it's a different realm...
I've heard of comparisons of this with ppl snooping around a house with unlocked doors.. Well, I wouldn't make that comparison.. I'd say it's closer to a service being offered like a bank or supermarket.. Their doors are open and they are providing a service that doesn't even need to be munipulated/hacked.. And when they don't want to provide the service they lock up shop.. My long stupid point being that if they offer sql services like a couple of ppl (even the music database sites offer stuff like this) then it's a service that you should be able to access legally.. Now circumventing firewalls and spoofing should be illegal.
and I believe the original poster said that the site had easy access to database info (without hacking or being malicious). Food for thought anyways, otherwise I think that yes, he should just walk away from these guys...
I think there inlines the regulation part. There is no choice for me and the price I have to pay. I'd love to switch providers and get away from this PPPoE crap that Linux doesn't much like (it works, just a pain).
And no, I don't trust my government, but when did this become an excuse as well? They are supposed to represent us but I hope I don't give the impression of greed, abuse and corruption.
What I'd like to see is a middle ground (maybe a little govenrment involvement.. maybe some funding of sorts) and then let things even out... Once competition is avaliable, then no government action is needed at all...
Yah know what, you're right, but neither is T.V. but man, imagine if people couldn't get cable T.V. in their area anymore (I'm just playing around here.. I know alot of people dont have cable yet) But I could see all the people Screaming "Jerry Jerry" outside the Whitehouse cause they couldn't get their springer.