Well, if a company ceases to exist, either due to bankruptcy, or it is just dissolved, all assets are usually sold off. The source code was likely part of this. Now it may happen that nobody bought it, and it got abandoned for anyone to pick up. But to make sure, you need to check with whoever took care of the company.
22 ms is pretty good. However, as with everything, it depends. For example, how large is your ISP's network and how close does it get you to the final location you are interested in? For example my cable ISP has a larger network. If I try to contact a server a few states away, it uses my ISP's lines for most of the trip.
If you have a service level agreement, it usually specifies 100ms as maximum round trip time within the ISP's network. I guess they pick this rather high number as it usually is fast enough and shorter times are a bit hard to measure.
Also: Don't necessarily trust tools that use ICMP packets to measure roundtrip times. Some ISPs implement QoS rules that give ICMP a lower priority. Try UDP, or if you use TCP make sure you set the TOS flags for low latency.
Unlike others mentioned here, there is a nice replacement for Access: MySQL (or PostgreSQL for that matter). OpenOffice can pull data from ODBC data sources. MySQL and other databases support open source. Do a quick Google query to find out the details.
OpenOffice uses its own scripting language. Not sure how similar/different it is from Visual Basic. I do see Python mentioned as a new feature for the upcoming release.
Couple of different options. First, you could talk to the Content Delivery Networks (CDNs) like Akamai or Digital Island. They can probably help you (for a price).
Another option is colocation, in particular if you have short traffic spikes. Many colocation places charge you at a '95 Percentile'. This will cut out about 3 days worth of 'peak traffic' and you only pay for the maximum bandwidth you use after removing the top 5%. Just make sure the colocation place has enough bandwidth to handle the spikes.
Some ISPs (e.g. Yipes) offer flexible contracts that allow fast (daily?) bandwidth changes. So if you announce a new version of your product, you can increase your bandwidth until the rush is over.
One hint: Try to move the large file/content away from your 'important' networks, so other things like e-mail keep flowing even if the content site is running into issues due to load.
No, he is not the only one ;-). But overall, security doesn't mean buying/installing more "stuff". Keep it simple! However, the idea to collaborate is good (see footer ;o) ).
Sysadmins need to work together and stop trying to play 'security by obscurity'. Share with others and learn how to improve your network.
Re: PostgreSQL has every feature but Replication. (on "MySQL A Threat to Bigwigs?", Score: 2, Interesting)
Not sure why it hasn't gotten around to PostgreSQL yet that MySQL does support transactions.
I see it as one of the main advantages of MySQL over PostgreSQL that you are able to turn off transactions if you don't need them.
The main difference between MySQL and PostgreSQL is more 'philosophical'. MySQL does not attempt to hunt Oracle based on features. Instead, the main objective for MySQL is speed. PostgreSQL on the other hand attempts to duplicate as many Oracle features as possible.
BTW: MySQL does support replication well, even in its non-commercial version.
On March 7th/8th, SANS is having another 'IDNET' event. The target boxes are preconfigured with known vulnerabilities for this event. It is part of the vendor expo at SANS 2003 in San Diego.
Usually, there are some nice prizes and admission is free or cheap ($10-20). Details
Vanquish is a startup that does try to sell a system like this. The idea is similar: You get some kind of certificate from them to sign your email. Other Vanquish users will accept only 'signed' email. If you receive a signed email that turns out to be spam, you can get reimbursed for your time by the sender.
I like the part about cooperation. Hackers have done it successfully for years, while network administrators prefer to sit in their closets under tin-foil hats hoping to protect themselves with obscurity.
Systems to share already exist. Just check the "Internet Storm Center" and DShield for a place to exchange logs and ideas.
IMHO, a 'secure distro' is secure by default. You plug in the CD, turn on the box, install it and just keep clicking 'ok'. At the end, you should end up with a secure box. Now it is up to the admin to open the holes.
However, many distros go a different path by enabling services and allowing installs with weak passwords (or no passwords).
For a nice security benchmark, see the Center for Internet Security. I wait for the day when a default install of RedHat will score a perfect 10 with it... (It is more around 5 right now on their 0-10 point scale).
The real challenge is to find a laptop with Linux pre-installed. There are a couple companies, but they are way more expensive ($500 last time I checked) than mainstream laptops with Windows.
What is really missing for both is good documentation. E.g. an O'Reilly book ;-). The LIDS documentation is terribly out of date. Are there any distro plans for SELinux? It would be nice to combine its great features with the momentum it would get from packaging it in a nice distro.
Would this be like O'Reilly's Safari online books on steroids? Safari has been my favorite bookstore for a while now.
And once you get your firewall up and running, join DShield and its mailing list to discuss security topics.
Couple things to consider:
The main problem in my experience is wall penetration. Don't count on more than 3 walls (and this is stretching it if they are concrete). Consider mounting the antenna outside a bit away from the building, essentially hitting the outside wall. This will give you only one wall for all apartments.
Don't forget about accountability and security. Even if billing is not an issue, you don't want someone in your building to go wild and start a hacking crew. Static IPs are a bit accountability help, NAT is though
No. You are not running the code. The worm downloads it from the site and runs it. You are just making the code available. :-(
On the other hand, according to a more recent report, this method does not seem to work so far for the fizzler worm
well, was a fake exploit. unlike the many unpatched MSIE/Windows holes ;-)
The NSA / SELinux is still in the beta stage right now. I don't think it can count as a full production distro at this point.
In particular no problem at $550 a pop...
Important: The original quote, that it includes a brute force password cracker, was WRONG. It will only attack systems with empty SA password, and it will assign a somewhat random password after it is done.
johannes.
There is an 'official' script and a PGP-signed 'block list': http://www.dshield.org/block_list_info.html
The geographic data comes from whois lookups. Reverse DNS doesn't work well as you point out (.net, .com, .org are used all over the world).
comes from 'whois', not TLD's. Some networks that own locations in multiple countries are registered as 'EU'.
Now they just need to merge LIDS and SELinux!
Will Microsoft now start suing all the IRC kiddies playing with trojans?
So far, DShield does not have too much scanning for it yet (data).
But I guess the kiddies are still sharpening the tools...