I've migrated a metric crapload of LDAP apps from OpenLDAP, Sun LDAP and BT X.500 to Active Directory and AD/AM (aka AD-LDS) and haven't found a single issue with the LDAP interfacing apart from where apps were relying on non-RFC features in the original LDAP servers.
I think you are wrong. When I saw this article I immediately thought "Just reverse the process". I am pretty sure I'm not a genius, so this occurred to many people (as evidence by the number of posters here). We aren't going to improve security by trying to hide the vulnerabilities. It's called Security through Obscurity and has been widely discredited.
What we should do is nail this guy which may act as a deterrent to some potential paedophiles. With all the tools in their arsenals, I don't think Interpol are giving away the crown jewels in intelligence here.
You could turn on process monitoring (google for Auditing Settings Process Accounting). This will record an event log entry every time a new process is spawned with some details that might be useful. However, if the popup is generated by a single process which popups, then sleeps it won't create an event log entry every time - as the process isn't being re-spawned.
If you are concerned that you have been rootkitted and that the event log can't be trusted, you may as well blow the whole thing away (or take your luck with rootkit removal - urgh).
There is a known bug with updating (or creating) more than a few thousand objects on w2k. It is documented by microsoft kb. Search for "ad object add 5000"
Seconded. I bought one of these a few months back and they are smashing. It is super quick printing, has USB and an EIO (comes with parallel adapter plugin, but you can buy Ethernet) and the initial cart seems good for a few thousand pages.
Did have an LJ4+, but it was causing the house to subside.
A fruit machine is an AWP - Amusement with prizes. This means that they don't have any skill element. Quiz machines are generally SWP - Skills with prizes. These *DO* have a skill element. This is stated under the british gambling laws, the websites of the manufacturers and lots of other places.
I can't understand why the original poster didn't mention this. Well, apart from the fact that it would invalidate their unfounded rant.
Hi. Hardware wise you are heading in the right direction. Anything that you don't have to pay for is good (loaner machines right?).
As for your NIS question, I would be very tempted to use LDAP. NIS is horribly horrible whereas LDAP is much easier to understand, implement, support and interoperate.
As for the hardware, go for the biggest, baddest you can. Assuming you use RAID on your servers (make it hardware RAID) can you survive with only 72 GB of storage ?
Anyway, I'll have a think about your hardware some more.
When DNS servers are configured to back each other up and duplicate the database they use a system called zone transfers to transfer the DNS data to each other. You can emulate this using dig or nslookup.
However, as any properly configured site should, MS stop you doing a zone transfer (certainly from dns3.uk.msft.net which is the one i tried).
Also, I don't think you should do this to add them to your hosts project. Some of the stuff you have in your loopback hosts file is wrong and shouldn't be in there.
Slashdot Mirror
Fancy pointing out these LDAP "issues"?
I've migrated a metric crapload of LDAP apps from OpenLDAP, Sun LDAP and BT X.500 to Active Directory and AD/AM (aka AD-LDS) and haven't found a single issue with the LDAP interfacing apart from where apps were relying on non-RFC features in the original LDAP servers.
Your anecdote != data.
I think you are wrong. When I saw this article I immediately thought "Just reverse the process". I am pretty sure I'm not a genius, so this occurred to many people (as evidence by the number of posters here). We aren't going to improve security by trying to hide the vulnerabilities. It's called Security through Obscurity and has been widely discredited.
What we should do is nail this guy which may act as a deterrent to some potential paedophiles. With all the tools in their arsenals, I don't think Interpol are giving away the crown jewels in intelligence here.
tim
You could turn on process monitoring (google for Auditing Settings Process Accounting). This will record an event log entry every time a new process is spawned with some details that might be useful. However, if the popup is generated by a single process which popups, then sleeps it won't create an event log entry every time - as the process isn't being re-spawned.
If you are concerned that you have been rootkitted and that the event log can't be trusted, you may as well blow the whole thing away (or take your luck with rootkit removal - urgh).
trmatthe
Are your 3 NICS on the same PCI bus ? If it's a plain PCI bus then remember the PCI bandwidth limitation.
If it's PCI-X or similar then ok, look elsewhere.
I'd go for ASIC based hardware (i.e. GB switch)
Sorry !
Tim
Seconded. I bought one of these a few months back and they are smashing. It is super quick printing, has USB and an EIO (comes with parallel adapter plugin, but you can buy Ethernet) and the initial cart seems good for a few thousand pages.
Did have an LJ4+, but it was causing the house to subside.
Tim
A fruit machine is an AWP - Amusement with prizes. This means that they don't have any skill element. Quiz machines are generally SWP - Skills with prizes. These *DO* have a skill element. This is stated under the british gambling laws, the websites of the manufacturers and lots of other places.
I can't understand why the original poster didn't mention this. Well, apart from the fact that it would invalidate their unfounded rant.
tim
As for your NIS question, I would be very tempted to use LDAP. NIS is horribly horrible whereas LDAP is much easier to understand, implement, support and interoperate.
Check out LDAPGuru and OpenLDAP.
As for the hardware, go for the biggest, baddest you can. Assuming you use RAID on your servers (make it hardware RAID) can you survive with only 72 GB of storage ?
Anyway, I'll have a think about your hardware some more.
cheers, Tim
It's their hardware. Their software. Their electricity. If they tell you to stop, stop !
When DNS servers are configured to back each other up and duplicate the database they use a system called zone transfers to transfer the DNS data to each other. You can emulate this using dig or nslookup.
However, as any properly configured site should, MS stop you doing a zone transfer (certainly from dns3.uk.msft.net which is the one i tried).
Also, I don't think you should do this to add them to your hosts project. Some of the stuff you have in your loopback hosts file is wrong and shouldn't be in there.