Geeze that's funny. I have used RedHat for a number of years (since 4.1) and rarely use the "fancy tools". Maybe you should s/Redhat/new linux users/
BTW, I use RedHat because I prefer a sysV style run control and find package management systems very useful (please, no rpm vs. apt wars). Back when I had a Pentium 75 and a slow dial up connection it was a nightmare downloading and compiling all the apps I wanted to toy with. Of course I've always drawn the line at installing new kernels using RPM, it's sacrilegious ;) Yes, I realize slack now supports a number of different package management systems, but back then it didn't (at least not very well).
In the meantime, FightCloud wants to stay free; we want to stay at $4.95 S&H. We want to keep it right there. We even pay taxes on our CD giveaways even though there is no tax on a zero dollar, the customer doesn't pay any tax because it's zero. But we still have to pay a tax, a user tax for California. So we're still paying taxes.
On the other hand, maybe they are using the $4.95 shipping and handling approach as a tax loophole for us, and at the same time, reducing costs for them by not having to deal with sales tax on each CD sold.
"I have repeatedly said that libraries have children's book sections, why can't the Internet have the same type of section devoted to children's interests?" he said.
I really think this is a good analogy. The internet (like a library) is a wealth of free knowledge. This is a good thing. My children love going to the library, and they love surfing the internet. In the library I can let them loose in the children's section and the chances of them coming across explicit material is slim to none. The same cannot be said (right now) about the internet. Current censoring/filtering software just isn't as effective as it needs to be (IMHO), and adding a kids.us SLD would definitely make filtering easier and more effective.
For those of you without kids, here is an example. I set up bookmarks for my kids so they can easily get to sites they enjoy and are approved by me. The oldest is seven, so I am not worried about them going to Google, typing in "Britney Spears", and following some link to teen pr0n. I attempt to ensure no links exist that may lead out from the approved sites to pr0n (the internet's version of Six Degrees Of Kevin Bacon seems to be Six Degrees To Pr0n). My seven year old knows she can only go to these approved sites, but she likes to type in the URLs herself. A simple typo in a URL can lead her to explicit material real quick. I would love for my kids to be able to go to something like google.kids.us, enter a search string, and get sites with only a "G" rating.
My guess is that most teachers are for the most part ignorant about computers in general and if they are going to be teaching about computers, they want something they are comfortable with (i.e. the same OS they use at home).
Here is an example of that ignorance. My oldest daughter's school will be replacing their Macs real soon. I was talking to the "computer teacher" at the last PTA meeting and she was excited about replacing the aging Macs with brand new "Dells". Her excitement came from the fact that "Dells" have Office and the kids would begin to learn things like Word and PowerPoint. I don't think she realized that Dell was a hardware company, and that she could easily get MS Office for the Mac. I could see her eyes begin to glaze over as I spoke of Linux and OpenOffice.
BTW, my daughter is in first grade and for the life of me I can't figure out when MS Office became educational software.
DShield currently employs as little filtering of incoming reports as possible. Most reports are sent anonymously. We do not know if these logs are truthful, or if the firewall configuration was correct. DShield.org will attempt to protect the identity of the submitter. If you have a question regarding a specific target or source IP, please send an e-mail to info@dshield.org.
Let us assume all the submitters of the data used to create these statistics have the best of intentions and are inserting "real" data. I doubt many of these submitters actually take the time and do enough analysis to ensure "false positives" aren't being imported into the database. For instance, I would bet data collected from snort is one of the most common types of logs submitted. I have used snort enough to know that its portscan preprocessor produces a lot of "false positives". In the end you have a bunch of statistics derived from "dirty" data that are barely worth the bandwidth required to view them.
I'm betting the packets were captured using NSM and then replayed using one of its associated applications. NSM logged packets to disk, and then at the end of the day, it went back through this data and created session summaries. Warning values based on string matches and a primitive anomaly detection engine flagged suspicious traffic. An analyst could then go back through the suspicious traffic and determine if the activity was truly malicious and more importantly, whether malicious activity was successful. From there an analyst could also determine what actions took place when unauthorized users had access to the system. All this without ever having to access the victim computer.
Todd Heberlein created NSM and the application that "replayed" these sessions. He used to have Solaris binaries available on his site, but it seems to be offline as of late. Although the session-replay app (I cannot for the life of me remember the name) didn't provide a whole lot of analytical value, it was fun to play with. You could play at "normal speed" or speed it up. Telnet sessions (then the norm - ssh? what's ssh?) were fun to watch as typos would appear on the terminal and then disappear as the "attacker" hit the backspace. Aaaah, them were the days :)
Yeah, I know it's off topic, but even though my annoying little brother had thousands of transformers, I was too old at the time to really get into them. So, what other toys would people like to see re-released? My fondest memories are playing with Fisher Price's Adventure People. Now that I have my own kids, I love to be able to buy the toys for them. These things rocked. I don't know how many times I fell off the roof of my house while I was throwing the daredevil with real working parachute in the air.
My company provides Managed Network Security Monitoring and often times our clients will use an assessment as a chance to "test" our services. Afterwards they will also ask our opinion on how well the assessment was performed. Generally, I have found it's best to stay away from the Big 5 accounting firms (KPMG, E&Y, PWC, etc), Telcos, IBM, and other big businesses whose specialty isn't doing security assessments. These types of businesses tend to be way overpriced and provide a cookie cutter approach to security. At the same time watch out for the local "security consultant" who claims to be able to do everything in security as well as the local "hax0r" who has Nessus installed on his laptop (finally). Probably the worst assessments I have ever seen came from these types. (BTW, I am NOT bashing Nessus.)
In my opinion, your best bet is to go with a reputable company who only does security auditing and has a proven customer base (get and check references!!). In my opinion, these guys stand out as a group of people who know what they are doing, and do it well.
I really wish people would get the terminology correct. Spafford posted a good definition over twelve years ago. A quick and dirty definition: Viruses (virii?) generally require human interaction (open an email, click on a link, etc) while worms propagate on their own, exploiting vulnerabilities within an application or operating system.
With that said, it only makes sense that CodeRed (a worm) wouldn't make the top ten list of viruses. I doubt any true worm could ever make some top ten list when compared with large virus infections. Viruses infect workstations (PCs) while worms (generally) infect servers. Last time I checked, there were a whole lot more PCs than servers, thus a much bigger chance of infection. Furthermore, CodeRed's (a worm) impact was limited by that wonderful thing called Open Disclosure. No, M$ will never admit to this, but as a security professional who does network security monitoring, I know my clients would have been severely impacted if signatures hadn't been available for our sensors (insert shameless plug) a month prior to CodeRed (a worm!!) being released. Virus signatures, on the other hand, tend to be created after a virus has been let loose in the wild and has already impacted users.
"The concept of employment for this system is to be part of a barrier or obstacle plan that will provide stand-off distance and force protection for U.S. military personnel," says Warren. "The MDS will be applicable in many different missions to include checkpoint operations, denying avenues of approach, and dealing with confrontational crowds."
The material is meant to be used as part of a blockade, not as a substance to be sprayed on crowds, so why do people keep comparing it to tear gas and rubber bullets? I can actually see how this stuff would actually help lessen the use of tear gas, rubber bullets, etc. Most injuries in a riot occur as the crowd comes in contact with riot police who are trying to defend a facility or protect people belonging to a controversial demonstration. The slime helps prevent this type of contact from happening.
10) The Vendor SHOULD provide a mechanism for notifying Customers and the Security Community when new advisories are published.
How about taking this a bit further and REQUIRE the Vendor contact registered Customers. And I don't mean posting a bulletin to www.mycompany.com/security or offering an option to subscribe to some mailing list.
Of course I doubt vendors would agree to this requirement, since it would imply the vendor take some kind of responsibility for the vulnerability associated with their product.
Actually, I think the analogy is accurate. The issue at hand is not who has access to the email or voicemail, but how the information was recorded and what parties gave consent to have the information recorded. Pennsylvania law requires consent by all parties before a conversation can legally be recorded without a warrant. Courts have ruled that leaving voicemail is considered giving your consent. This court seems to also believe by sending his solicitations via email, the defendant has given his consent to have the conversation(s) recorded.
In a bold marketing effort to help squelch concerns that Comcast is collecting and reselling customers' web surfing habits, Comcast has updated their I want it campaign. The company's new slogan will be Comcast: We just want your pr0n. When asked how the new slogan was chosen, Comcast responded that
"SCORE! Get the lotion" was already being used by Snort in their kickass-porn rule set.
Since you have your own media outlet, acknowledge the vast majority oppose your settlement terms, while a few^H^H^H^H^Hmany support you. Be sure to also quote a puppet, ^H^H^H^H^H^H^Hindividual, who can be coerced into defending your^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^supports your position. The longer the quote the better.
The vast majority oppose the settlement's terms -- although many say they would welcome some sort of plan to settle the case by giving schools badly needed technology resources.
"I believe Microsoft's intent was positive and they truly believed that they had a solution that would be acceptable and useful to schools," says Bill Fiske, the instructional technology coordinator for the Rhode Island Department of Education...blah...blah...blah"
"But Microsoft Deputy General Counsel Tom Burt said the software giant could help more schools under the proposed settlement, distributing more software at a lower cost than if the same schools went out and bought their programs on the open market."
Maybe I am just in a good mood but I hope this is a positive step towards finding common ground between the music industry and its consumers. No, I don't think this model is going to succeed, the price is steep (especially when studies show users of P2P actually increase their cd buying) and the terms of use are too restrictive. Let's hope the "industry" can at least learn from this and improve their offerings in the future.
With that said, excuse me while I take off my rose-colored glasses and go back to living in the real world, where the music industry is a bunch of greedy, backstabbing whores.
Our small initiative started out using systems that could no longer support the corporate desktop. Our workstations run Linux, as does the main server (uptime of 132 days BTW). Our Firewall, VPN Concentrator, and IDSs are FreeBSD. Our lone, non-opensource system is a sparc/solaris DB server. We still keep dual boot laptops around for PowerPoint (StarOffice still doesn't render PPT well), although I cannot remember the last time I had to boot into Windows. Linux and FreeBSD have migrated to the local corporate side of the house too, recently replacing the mail server, web server, name servers, and BDC. It seems the biggest obstacle facing our admins in getting Linux to the local corporate desktop is a true standards based document exchange.
Culp's plan would not have made any difference in these situations - he does not suggest that security vulnerabilities should not be talked about (in the useful manner they were in the case of the vulnerabilities behind Nimda/Code Red), and he doesn't provide a solution that would make admins listen.
Read that first paragraph again. Culp claims we (the security community) assisted the criminals who wrote and released CodeRed, Nimda, etc. How did we do this? By releasing information about the vulnerabilities in full disclosure forums? Culp would like us to associate the bad of CodeRed and Nimda with full disclosure. Fact is, MS is taking a lot of heat for these worms and is trying to make a scapegoat out of full disclosure. After all, we don't expect Culp and Microsoft to take responsibility for these "holes", do we?
If Culp's points have been taken out of context then it's no one's fault but his own. After all, the first paragraph reads "Code Red. Lion. Sadmind. Ramen. Nimda......And we in the security community gave it to them.". CodeRed and Nimda are, in my opinion, great examples of how open, full disclosure has worked. I would hate to know what CodeRed could have been, had eEye not published the vulnerability and no signatures were created to detect the exploit of the vulnerability prior to the worm's release.
The process that needs to be fixed here is getting admins/users to implement patches immediately, shrinking the "Window of Exposure". MS's fear of bad PR seems to outweigh its concerns about the security of its clients.
...if ISPs could understand the significance of CodeRed and Nimda and use this as an opportunity to begin supporting and encouraging the use of alternate OSes like *BSD, Linux, Mac, etc?
This guy has a lot of company.
It is important to note this individual did not appear to breach the integrity of intelink. He had a security clearance (which means he has had an extensive background investigation as well as periodic reinvestigations) and authorized access to the information he sold.
...and if this car rental agency was truly acting as a concerned citizen, then they should have installed it, or another speed limiting device. Instead, they thought they found another way to create more revenue by charging another ridiculous fee. Glad to see the consumer win this one.
I'll take a Viagra with a Provigil chaser please.
Well since you were feeling deprived by running MS products on a non-MS OS w/o the security flaws, go ahead and get your "fix" here.
If it's not on Google, then it doesn't exist.
"But Microsoft Deputy General Counsel Tom Burt said the software giant could help more schools under the proposed settlement, distributing more software at a lower cost than if the same schools went out and bought their programs on the open market."
The "their" in bold was added by me. Nuff said.