Re:Once again, Slashdotters want to have it both w on Read the Fine Print · Score: 1
You are making it sound like the only way for Microsoft to make a secure product is to give them direct access to my machine. This is not true. As they have proven with IIS and Windows itself, Microsoft's products do not necessarily get more secure with repeated attempts.
Microsoft should be able to create secure, reliable products without having to access my machine uninvited. Before you say anything about M$ reliability, compare my mailserver, running Debian that has been up for 118d 15h 21m or the Beowulf cluster all of whose slave nodes were up for 409 days (the only reason I had to shut them down was to move them between buildings), with my wife's Win98SE box which crashes (bluescreens, locks up or just reboots itself) 2-3 times a day. I know it is not a hardware issue because it dual-boots Linux, which doesn't have a problem.
The second thing, is that I don't trust Microsoft, the company that intentionally put hooks into Windows to break under non-MS DOSes (e.g. DRDOS), enough to give them access to my machine...Not while I have strength in this body...
You know, as a security engineer laid off from a telecom recently, I think there is an interesting perspective here. I don't know when the report was written, but if you remember, the government spent the past three or four years prior to this preparing for Y2K. These same folks gave most of the government F grades on their Y2K preparedness, but come 1 January, 2000, the government computers didn't shut down, nuclear reactors didn't melt down, aircraft didn't fall out of the sky and the air traffic control system didn't go off the air.
Now, in the post-September 11 landscape, this report hits the streets. Do you think the GAO had time to go and do a complete survey in the last two months? No. The legwork for most of this report was probably done this year, but I think the government's views have changed, at least on the higher levels, since 9/11.
Are there still sites which put their password list within view of the computer? Yes. Are there lazy or slothful admins in government service? Yes. Are there good and secure networks within the government? Absolutely. Are there similar problems in the civilian market? You betcha.
As I said, I was laid off from a telecom. I have seen, since 9/11 that the government is hungry for security folks. The civilian market seems to be taking the approach that if they don't change the status quo, they are safe. There has not been much change in the requirements for security folks, where the government has seen the light.
The other thing I have seen is that your biggest problem is with upper management when it comes to security. Even if they do sign the checks, they are also the ones who feel that the rules don't apply to them. They think that it's the rank-and-file's problem, and that they are above the law. User education is hardest in dealing with upper management.
All in all, I think the government is moving in the right direction. I wonder about industry...
I got started in Unix by playing on the Internet in the days before the web was the cool thing, the days when telnet, ftp, fsp, archie and gopher were the tools of choice. I always thought it was cool.
Well, I got a job with a Large Car Rental Company (TM) as a satellite network controller, and the control system ran on a Stratus. The VSAT vendor then came out with a *gasp* GUI that ran on Sun workstations. I helped set up the machines when they first came in, and the sysadmin took me under his wing (old crotchety bearded guy who pounded lessons like "Use vi. It'll always be there" into my head). At the same time, I started playing with Linux...And the rest, as they say, is history. Now I'm that old crotchety bearded (goatee'd) guy.
As time progressed, I started getting into the security side of the house. I found that I enjoyed it because it had the same two criteria as sysadminning: 1) it was fun, and 2) it was lucrative. Worked for a company which I thought was going to put me into a professional coma of ecstasy. They let me do Beowulf clustering, Linux (distro of my choice) as well as doing security. They even let me get my CISSP. Unfortunately, their staff has dropped from 6000 to 800...
However, if you can deal with it, I would highly recommend doing system admin...
Y'know, this opens a whole realm of possibilities, none of them good.
o A manic-depressive car, ala Marvin the Paranoid Android, a constant stream of complaints about the pains that the car is having. ("I have a pain all along my left strut...")
o A car that has bladder problems that leaks when it gets excited in traffic...
o A car that refuses to start because it is having a bad hair day or dies in traffic because it is having an anxiety problem...
No, I think I've got enough to deal with just dealing with the human race...
Funny that Micro$oft says that Linux is "a cancer that attaches itself in an intellectual property sense to everything it touches."
I'll bet he didn't have any problem sleeping when M$ (allegedly) "borrowed" code from Caldera.
I know in a couple of places that I have lived (Southwestern Bell area and GTE area), you can call the phone company and have them set up your lines so that they have to have a signed form from you in order to change your long distance.
Now this may be a conflict of interest in your current situation since AT&T owns your local phone company, but it still holds the local company's feet to the fire in order to stop them from allowing these companies to slam you.
I was told that the reason for this form-based access method is that the long distance companies sometimes set up companies that do the long distance, but they charge exorbitant rates for the same service. While the AT&Ts, MCIs and Sprints charge 5 cents a minute, these companies charge a quarter or more. You agree to sign up for one of the major ones, then a few months later, when you aren't watching, they give it to one of their subsidiaries and start charging you at the higher cost.
It sounds like today's college students are being assimilated by the marketing and advertising collective rather than going for a higher education.
By the time they leave college, many students will be several thousand dollars in consumer debt, thanks to MasterCard and Visa wooing them to get credit cards with $5000 limits the first week of freshman year, spammers paying them to send UCE, which supports their credit card habit by giving them their minimum payment, and now this portal complete with banner ads. Want to bet that doubleclick is salivating over these ad portals? Just think, by the time they graduate from college, they will have millions of students in debt, and a complete profile of their surfing habits for their database.
This is quite an interesting article, and while I, a hard-core flight simmer, can see the point of the writer, I think it is too corporate oriented.
Another article appeared yesterday on combatsim.com that looks at it from the simmer's perspective. Steve MacGregor writes about the computer gaming industry having "moved out of the age of bedroom programmers, and into the age of multi-national companies" and the pros and cons of this paradigm shift. On the plus side, this means that they have the budget available to create such productions. But on the down side, it seems the latest crop of games show that they "seem to be designed and developed by faceless marketing divisions who are solely interested in moving product."
Mr. MacGregor gave a number of examples of games which, when he bought them, were either obviously incomplete (e.g. the reference manual talks about features that are obviously not in the game), or the system requirements were determined by some marketing droid whose sole motivation is the bottom line. (In his example, he bought a game which said minimum requirements were a PII/266, 64MB RAM, 4MB 3D vidcard, recommended was a PII/350, 64MB RAM, 16MB 3D vidcard. His machine is a K6-2/533, 64MB, 32MB Riva TNT2, and even with all of the graphics options at minimum, he can't get above 10 FPS.)
I think the following statement from his article sums the situation up nicely:
"Some recent games seem to have been produced solely based on how much revenue they can generate, and have ignored completely the need to give the customer value for his money. This isn't how it is supposed to be. If I buy a microwave oven, or a radio, or a car, or any other item, I have every right to expect that it will perform as advertised. If it doesn't, I get my money back. If I buy a computer game and it doesn't perform as advertised on the box, I am often left to hope that unpaid but talented individuals will assist me via the Internet. It seems that we gamers are getting a poor deal here, and I believe it is time to take a stand."
I understand that computer games is an industry, and that they want to make profits. But why should quality suffer?
Personally, I don't think they will use carnivore in such an overt manner. The public outcry would be too great. Since it is a sniffer, I think they would drop "offensive" or "questionable" packets, either based on userid (drop all traffic from foo@bar.com), or they would start dropping, say, all encrypted traffic. Why encrypted traffic? Because anyone using strong encryption would give them *major* headaches trying to decrypt it. And since Louis Freeh has previously said that he didn't think that the public should have strong encryption. He also has petitioned for the FBI to have the hardware in place to tap 1% of all of the phone lines in the metropolitan areas of the US simultaneously. Given statements like these, it wouldn't surprise me if they set something like this up and target specific types of traffic. The "we can't decrypt it, so it doesn't belong on the network" mindset isn't too far of a stretch.
Could it be that Microsoft is up to their old tricks again? You know, the embrace, extend, extinguish business model?
When they ported Office to MacOS, they either did a really sloppy job of porting it or they made sure it had far inferior performance compared to the native (Intel) version. Considering who we are dealing with, I leave that choice to the reader. Whatever the case, the Macs started crashing and not performing well.
A large aircraft company in the midwest was almost totally a Mac shop. However, when these problems started appearing, they switched over to Intel running (you guessed it) Win95.
Personally, I don't want Office or Exploiter for Linux/*BSD/Unix. I think we're too familiar with Microsoft's business model, to believe that they would do something like that for the good of the community. They would use it to discredit *nix on the desktop. ("I don't know why these boxes crash like this. I'll bet it would run better under Windows...")
Anybody remember the IE beta for Unix? It grabbed something like 45MB of memory just to open up.
IBM has been shipping ThinkPads with Linux for a couple of years now. A friend of mine at a former job was able to order, straight from IBM, a ThinkPad 600 (IIRC) with RedHat 5.2. They have been quietly shipping them this way if you requested it. It's good to see them being more open about it.
It almost seems as if the Europeans' move to eliminate export restrictions could be a response to the US' attempt to become the world's cyberpolice. The US, according to the articles I read, seem to have been trying to impose its will on the rest of the world, which obviously didn't sit well with the Europeans, especially when combined with the use of Echelon. Opening export of crypto would be a logical response to a country playing Big Brother.
In my way of viewing things, there are two types of honeypots. The first is the "dedicated" honeypot, which is what everyone seems to be discussing. It's a box that is pulled out of service, given seemingly gaping holes and dangled out in front of the wolves. Personally, I don't think these are terribly effective, for many of the reasons stated by other posters. (e.g. possible entrapment, enticing people to hack, most of the takers will be scriptkiddies.) I am not saying this type of honeypot is completely useless. It all boils down to who you are trying to attract and what you are trying to protect.
If you are looking for scriptkiddies, this type of honeypot is perfect for you. Scriptkiddies look for the easy kill, the box that shows the listening port that they can try the newest 'sploit on. However, the "professional" cracker generally has a specific target in mind, goes for that target and nothing else. The other thing is that he gets in, gets what he wants and gets out, and nobody is the wiser.
The other question that should drive your decision to deploy a dedicated honeypot (and your entire security policy) is what you are trying to protect. Are you using the honeypot for learning purposes? Then this is probably the type of 'pot for you. If you are setting it up as a tripwire or trigger to watch for untoward activities, then you might consider setting up something a little different. You should also consider what type of network you are setting this up on, and what the cracker stands to gain if he owns that particular box.
The second type of honeypot involves setting up scripts and whatnot on existing machines. It falls as much into the range of Intrusion Detection as it does Deception.
This method uses scripts which listen on common unused ports. Not running pop3? Set up a perl script on port 110 that logs activity occurring on it. As Lance Spitzner says in his whitepaper To Build A Honeypot, don't get too fancy, or you're setting yourself up for a DoS attack.
While I am not saying honeypots are inherently bad, I am saying some forethought can save you considerable work. Figure out what you want to do and whether a honeypot is your best solution.
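The unused-port listener described in the comment above, as an added example that is not part of the original post (which suggests a perl script; Python is used here). The names `TripwireLog`, `handle_connection`, `serve` and the file `tripwire.jsonl` are hypothetical, and the read-size, timeout and per-source logging caps are assumptions chosen to keep the listener simple enough that it cannot be turned into a DoS lever.

```python
import json
import socket
import time
from collections import defaultdict, deque

MAX_BYTES = 256          # never buffer more than this from one probe
READ_TIMEOUT = 2.0       # seconds to wait for the client's first bytes
MAX_LOGGED_PER_MIN = 5   # per-source cap so a flood cannot fill the disk


class TripwireLog:
    """Collects probe events and rate-limits them per source address."""

    def __init__(self, path=None):
        self.path = path                      # optional JSON-lines file
        self.events = []                      # events kept in memory
        self.suppressed = defaultdict(int)    # dropped-event count per source
        self._recent = defaultdict(deque)     # timestamps of logged events

    def record(self, src_ip, src_port, dst_port, data, now=None):
        now = time.time() if now is None else now
        window = self._recent[src_ip]
        # Forget log entries older than 60 seconds for this source.
        while window and now - window[0] > 60:
            window.popleft()
        if len(window) >= MAX_LOGGED_PER_MIN:
            self.suppressed[src_ip] += 1      # count it, but do not write it
            return None
        window.append(now)
        event = {
            "ts": round(now, 3),
            "src": src_ip,
            "sport": src_port,
            "dport": dst_port,
            "bytes": len(data),
            # Escape control characters so a probe cannot forge log lines.
            "data": data.decode("latin-1")
                        .encode("unicode_escape")
                        .decode("ascii"),
        }
        self.events.append(event)
        if self.path:
            with open(self.path, "a") as fh:
                fh.write(json.dumps(event) + "\n")
        return event


def handle_connection(conn, addr, dst_port, log, now=None):
    """Read at most MAX_BYTES from one client, send nothing back, log it."""
    data = b""
    try:
        conn.settimeout(READ_TIMEOUT)
        data = conn.recv(MAX_BYTES)
    except OSError:
        pass  # timeout or reset: a silent connect is still worth logging
    finally:
        conn.close()
    return log.record(addr[0], addr[1], dst_port, data, now)


def serve(port=110, bind="0.0.0.0", log=None):
    """Accept loop for one otherwise unused port (110 = pop3, as in the post).

    Connections are handled one at a time and each is bounded by
    READ_TIMEOUT, so there are no per-client threads or processes to exhaust.
    Binding a port below 1024 normally requires elevated privileges.
    """
    if log is None:
        log = TripwireLog("tripwire.jsonl")
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind((bind, port))
        srv.listen(16)
        while True:
            conn, addr = srv.accept()
            handle_connection(conn, addr, port, log)


if __name__ == "__main__":
    serve()
```

Because nothing legitimate should ever connect to the port, any entry in the log is worth a look; the `suppressed` counter shows how much a noisy source was throttled.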
> 1. UNIX was not one of the first networked game
> platforms. It was one of the first networked
> platforms, but I believe networked gaming can be
> classified as having started back in the days
> of DOOM, which was Windows only. (In mass) In
> fact, until recently, UNIX has had very few
> commercial games.
However, I was referring to networked games, not necessarily *commercial* networked games. Games such as Xpilot and Xtrek/Netrek. Xpilot originated about 1991, meaning it came out around the same time as Windows 3.1. Xtrek was released in 1985 or 1986, but can trace its roots back to '80 or '81. These were among the first of the "common" networked games. Earlier games were available on a system called PLATO, which was (IIRC) based out of the University of Illinois, dating as far back as 1972.
The original Doom was a DOS game, rather than being Windows only. However, I exchanged email with one of the Doom programmers in mid-1985, and he told me that it was originally written in C, and ported to DOS.
Linux has a number of first person shooters, strategic games, networked games (Unix was one of the first networked game platforms).
While I believe that many of the games listed in this article are valid, and in many cases agree with the authors, there is one overall area that is sorely lacking in Linux: Combat flight simulators.
I would love to see Falcon4, Jane's F-15 or Microprose's upcoming B-17II for Linux. I exchanged email with Microprose last year, shortly after Falcon4 and European Air War were released, and explained to them why Linux is an excellent choice for a game platform, including lower OS overhead, lower graphics overhead (OpenGL vs. DirectX), resulting in lower system requirements. Microprose's response was lukewarm.
Let's think about the real reason that these countries would do this. America has been a technology leader for most of her history. She has also been a free democracy. In the case of oppressive Communist countries, America has limited or denied exports (case in point, look at the list of specific countries that are on the denied list. IIRC, both China and Cuba are on that list).
Now, a technology that is robust and powerful comes out, and that can be run on commodity off-the-shelf hardware, which can be clustered to build a "poor-man's supercomputer." It stands to reason that these countries would flock to it.
Microsoft seems to be up to their same old games. Historically speaking, they have in the past used their application arm to bring down competition.
A case in point was the use of Word to bring down Mac sales. The Mac version of Word (5.0?) contained all of the source for the Windows version as well as the Mac code. This gave the Wintel platforms a decided performance advantage, in addition to the stability issues.
This advantage was a factor in at least one large company's deciding to transition from Mac to Wintel platform.
The same happened to a couple of companies who were running OS/2.
I would not only advise users not to support IE and other Microsoft apps under Linux, but I would also make sure to advise any corporate entities that you deal with who are using or considering Linux as an alternative. With all of the OSS alternatives (like StarOffice, the Gimp, and other apps out there), it is entirely possible to run a Linux machine in a Microsoft network.
It's not only the people waiting in lines and at the toy stores. There is a very good chance that the market is driving some of these folks.
I heard on the radio today that the original 1977 Luke Skywalker with the extending lightsaber that probably cost 4 or 5 dollars at the time is now worth $1300 today. The Darth Vader with the extending saber is worth $1600.
> Instructions:
> To Install, log in as root, Office will ask you
> for your root password
> It is recommended that you run this application
> as root.
And did we neglect to mention that we will send your system information, including passwords, system information and installed applications to our marketing and security directorates in Redmond? We will also attach encrypted information to each document to be sent out.
This wouldn't be the first time that Microsoft has done something like this. Case in point, they took a lot of the wind out of Mac's sails with office. They apparently left the windoze code in the mac version, which made the code more bloated than it already is. This led to crashes and instability. McDonnell Douglas (and probably others) went from being mainly Mac to mainly Windoze pcs because of Word. It wouldn't surprise me a bit if they were up to this same crap again.
Falcon4 was released three years ago November, and it is still one of the only sims I play regularly. As flight sims go, it is head and shoulders above the rest. I am in a virtual squadron, the 99th VFS Tuskegee Airmen, and our squadron commander actually flies F-15Es for a living.
Without going into the long and spotty history of Falcon4, suffice it to say that in the finest tradition of OpenSource software, the last two years, this sim has been receiving constant (free) upgrades from members of the community. The final installment in the Falcon4 saga is going to be Falcon4 SuperPack2 (SP2).
How many games/sims have that kind of shelf life?
Hey Santa...
It's illegal to yell "Fire" in a crowded theater. Does this also limit free speech?
Noel Bell has had his web page up since 1996 on signing web pages using pgp. His key is 2.6.3i, which is probably the last "safe" version anyway. :)
Here is a link to his page, with a copyright on it:
"Who do you think put up the money to develop BSD in the first place? DARPA, of course."
And let's also not forget a little startup that got its start from DARPA: Sun Microsystems.
I know in a couple of places that I have lived (Southwestern Bell area and GTE area), you can call the phone company and have them set up your lines so that they have to have a signed from you in order to change your long distance.
Now this may be a conflict of interest in your current situation since AT&T owns your local phone company, but it still holds the local company's feet to the fire in order to stop them from allowing these companies to slam you.
I was told that the reason for this form-based access method is that the long distance companies sometimes set up companies that do the long distance, but they charge exhorbitant rates for the same service. While the AT&Ts, MCIs and Sprints charge 5 cents a minute, these companies charge a quarter or more. You agree to sign up for one of the major ones, then a few months later, when you aren't watching, they give it to one of their subsidiary and start charging you at the higher cost.
It sounds like today's college students are being assimilated by the marketing and advertising collective rather than going for a higher education.
By the time they leave college, many students will be several thousand dollars in consumer debt, thanks to MasterCard and Visa wooing them to get credit cards with $5000 limits the first week of freshman year, spammers paying them to send UCE, which supports their credit card habit by giving them their minimum payment, and now this portal complete with banner ads. Want to bet that doubleclick is salivating over these ad portals? Just think, by the time they graduate from college, they will have millions of students in debt, and a complete profile of their surfing habits for their database.
This is quite an interesting article, and while I, a hard-core flight simmer can see the point of the writer, however, I think it is too corporate oriented.
Another article appeared yesterday on combatsim.com that looks at it from the simmer's perspective. Steve MacGregor writes about the computer gaming industry having "moved out of the age of bedroom programmers, and into the age of multi-national companies" and the pros and cons of this paradigm shift. On the plus side, this means that they have the budget available to create such productions. But on the down side, it seems the latest crop of games show that they "seem to be designed and developed by faceless marketing divisions who are soley interested in moving product."
Mr. MacGregor gave a number of examples of games which, when he bought them, were either obviously incomplete (e.g. the reference manual talks about features that are obviously not in the game), or the system requirements were determined by some marketing droid whose sole motivation is the bottom line. (In his example, he bought a game which said minimum requirements were a PII/266, 64MB RAM, 4MB 3D vidcard, recommended was a PII/350, 64MB RAM, 16MB 3D vidcard. His machine is a K6-2/533, 64MB, 32MB Riva TNT2, and even with all of the graphics options at minimum, he can't get above 10 FPS.)
I think the following statement from his article sums the situation up nicely:
"Some recent games seem to have been produced solely based on how much revenue they can generate, and have ignored completely the need to give the customer value for his money. This isn't how it is supposed to be. If I buy a microwave oven, or a radio, or a car, or any other item, I have every right to expect that it will perform as advertised. If it doesn't, I get my money back. If I buy a computer game and it doesn't perform as advertised on the box, I am often left to hope that unpaid but talented individuals will assist me via the Internet. It seems that we gamers are getting a poor deal here, and I believe it is time to take a stand."
I understand that computer games is an industry, and that they want to make profits. But why should quality suffer?
Personally, I don't think they will use carnivore
in such an overt manner. The public outcry would
be too great.Since it is a sniffer, I think they
would drop "offensive" or "questionable" packets,
either based on userid (drop all traffic from
foo@bar.com), or they would start dropping, say,
all encrypted traffic. Why encrypted traffic?
Because anyone using strong encryption would give
them *major* headaches trying to decrypt it. And
since Louis Freeh has previously said that he
didn't think that the public should have strong
encryption. He also has petitioned for the FBI to
have the hardware in place to tap 1% of all of
the phone lines in the metropolitan areas of the
US simultaneously. Given statements like these, it
wouldn't surprise me if they set something like
this up and target specific types of traffic. The
"we can't decrypt it, so it doesn't belong on the
network" mindset isn't too far of a stretch.
Could it be that Microsoft is up to their old tricks again? You know, the embrace, extend, extinguish business model?
When they ported Office to MacOS, they either did a really sloppy job of porting it or they made sure it had far inferior performance compared to the native (Intel) version. Considering who we are dealing with, I leave that choice to the reader. Whatever the case, the Macs started crashing and not performing well.
A large aircraft company in the midwest was almost totally a Mac shop. However, when these problems started appearing, they switched over to Intel running (you guessed it) Win95.
Personally, I don't want Office or Exploiter for Linux/*BSD/Unix. I think we're too familiar with Microsoft's business model, to believe that they would do something like that for the good of the community. They would use it to discredit *nix on the desktop. ("I don't know why these boxes crash like this. I'll bet it would run better under Windows...")
Anybody remember the IE beta for Unix? It grabbed something like 45MB of memory just to open up.
IBM has been shipping ThinkPads with Linux for a couple of years now. A friend of mine at a former job was able to order, straight from IBM, a ThinkPad 600 (IIRC) with RedHat 5.2. They have been quietly shipping them this way if you requested it. Its good to see them being more open about it.
It almost seems as if the Europeans' move to eliminate export restrictions could be a response to the US' attempt to become the world's cyberpolice. The US, according to the articles I read, seem to have been trying to impose its will on the rest of the world, which obviously didn't sit well with the Europeans, especially when combined with the use of Echelon. Opening export of crypto would be a logical response to a country playing Big Brother.
If you are looking for scriptkiddies, this type of honeypot is perfect for you. Scriptkiddies look for the easy kill, the box that shows the listening port that they can try the newest 'sploit on. However, the "professional" cracker generally has a specific target in mind, goes for that target and nothing else. The other thing is that he gets in, gets what he wants and gets out, and nobody is the wiser.
The other question that should drive your decision to deploy a dedicated honeypot (and your entire security policy) is what you are trying to protect. Are you using the honeypot for learning purposes? Then this is probably the type of 'pot for you. If you are setting it up as a tripwire or trigger to watch for untoward activities, then you might consider setting up something a little different. You should also consider what type of network you are setting this up on, and what the cracker stands to gain if he owns that particular box.
The second type of honeypot involves setting up scripts and whatnot on existing machines. It falls as much into the range of Intrusion Detection as it does Deception.
This method uses scripts which listen on common unused ports. Not running pop3? Set up a perl script on port 110 that logs activity occurring on it. As Lance Spitzner says in his whitepaper To Build A Honeypot, don't get too fancy, or you're setting yourself up for a DoS attack.
While I am not saying honeypots are inherently bad, I am saying some forethought can save you considerable work. Figure out what you want to do and whether a honeypot is your best solution.
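The unused-port listener described in the comment above, written in Python rather than Perl, as an added example that is not part of the original post. The function names and the three limits are assumptions chosen for illustration; it binds to loopback on a free port by default, and port 110 would be the unused pop3 case the comment mentions.

```python
import socket
import time

MAX_BYTES = 256          # never buffer more than this from a peer
READ_TIMEOUT = 2.0       # seconds before a silent peer is dropped
MAX_LOGS_PER_SOURCE = 5  # cap log lines per address so a flood cannot fill the log


def open_tripwire(host="127.0.0.1", port=0):
    """Bind a listening socket; port 0 lets the OS pick a free port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, port))
    srv.listen(16)
    return srv


def handle_one(srv, seen, log):
    """Accept one connection, record it, and close without sending anything."""
    conn, (ip, sport) = srv.accept()
    with conn:
        conn.settimeout(READ_TIMEOUT)
        try:
            data = conn.recv(MAX_BYTES)  # one bounded read, no protocol emulation
        except OSError:                  # timeout or reset: log the connection anyway
            data = b""
    seen[ip] = seen.get(ip, 0) + 1
    if seen[ip] > MAX_LOGS_PER_SOURCE:
        return None                      # counted, but not logged again
    record = {
        "time": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()),
        "src": ip,
        "sport": sport,
        # Escape control characters so a peer cannot forge extra log lines.
        "first_bytes": data.decode("latin-1").encode("unicode_escape").decode("ascii"),
    }
    log.append(record)
    return record


def serve(srv, connections, log):
    """Handle a fixed number of connections one at a time (deliberately simple)."""
    seen = {}
    for _ in range(connections):
        handle_one(srv, seen, log)
    return log
```

The single bounded read, the timeout and the per-source log cap are the "don't get too fancy" part: the listener holds no state a peer can grow and never answers.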
> 1. UNIX was not one of the first networked game
> platforms. It was one of the first networked
> platforms, but I believe networked gaming can be
> classified as having started back in the days
> of DOOM, which was Windows only. (In mass) In
> fact, until recently, UNIX has had very few
> commercial games.
However, I was referring to networked games, not necessarily *commercial* networked games. Games such as Xpilot and Xtrek/Netrek. Xpilot originated about 1991, meaning it came out around the same time as Windows 3.1. Xtrek was released in 1985 or 1986, but can trace its roots back to '80 or '81. These were among the first of the "common" networked games. Earlier games were available on a system called PLATO, which was (IIRC) based out of the University of Illinois, dating as far back as 1972.
The original Doom was a DOS game, rather than being Windows only. However, I exchanged email with one of the Doom programmers in mid-1985, and he told me that it was originally written in C, and ported to DOS.
Linux has a number of first person shooters, strategic games, networked games (Unix was one of the first networked game platforms).
While I believe that many of the games listed in this article are valid, and in many cases agree with the authors, there is one overall area that is sorely lacking in Linux: Combat flight simulators.
I would love to see Falcon4, Jane's F-15 or Microprose's upcoming B-17II for Linux. I exchanged email with Microprose last year, shortly after Falcon4 and European Air War were released, and explained to them why Linux is an excellent choice for a game platform, including lower OS overhead, lower graphics overhead (OpenGL vs. DirectX), resulting in lower system requirements. Microprose's response was lukewarm.
IMHO, I would like to see more flight sims.
Now all they have to do is patent oxygen, and they're set...
Let's think about the real reason that these countries would do this. America has been a technology leader for most of her history. She has also been a free democracy. In the case of oppressive Communist countries, America has limited or denied exports (case in point, look at the list of specific countries that are on the denied list. IIRC, both China and Cuba are on that list).
Now, a technology that is robust and powerful comes out, and that can be run on commodity off-the-shelf hardware, which can be clustered to build a "poor-man's supercomputer." It stands to reason that these countries would flock to it.
Microsoft seems to be up to their same old games. Historically speaking, they have in the past used their application arm to bring down competition.
A case in point was the use of Word to bring down Mac sales. The Mac version of Word (5.0?) contained all of the source for the Windows version as well as the Mac code. This gave the Wintel platforms a decided performance advantage, in addition to the stability issues.
This advantage was a factor in at least one large company's deciding to transition from Mac to Wintel platform.
The same happened to a couple of companies who were running OS/2.
I would not only advise users not to support IE and other Microsoft apps under Linux, but I would also make sure to advise any corporate entities that you deal with who are using or considering Linux as an alternative. With all of the OSS alternatives (like StarOffice, the Gimp, and other apps out there), it is entirely possible to run a Linux machine in a Microsoft network.
It's not only the people waiting in lines and at the toy stores. There is a very good chance that the market is driving some of these folks.
I heard on the radio today that the original 1977 Luke Skywalker with the extending lightsaber that probably cost 4 or 5 dollars at the time is now worth $1300 today. The Darth Vader with the extending saber is worth $1600.
> Instructions:
> To Install, log in as root, Office will ask you for your root password
> It is recommended that you run this application as root.
And did we neglect to mention that we will send your system information, including passwords, system information and installed applications to our marketing and security directorates in Redmond? We will also attach encrypted information to each document to be sent out.
This wouldn't be the first time that Microsoft has done something like this. Case in point, they took a lot of the wind out of Mac's sails with Office. They apparently left the windoze code in the mac version, which made the code more bloated than it already is. This led to crashes and instability. McDonnell Douglas (and probably others) went from being mainly Mac to mainly Windoze pcs because of Word. It wouldn't surprise me a bit if they were up to this same crap again.