And this should bring in another discusssion on the use of snort-inline.
Let me ellaborate:
Snort inline is a branch of snort, an IDS (Intrussion Detection System) that can hook your ID rules to iptables via libipq.
You can use this thing as an Intrussion Prevention System, but really, that isnt much different from a level 7 firewall like paketeer.
Of course, this means nothing about the problem at hand in that it wont solve the 'dorm to a crawl' problem, but if you get to a controlled state where you know most machines in the dorm are not infected, you can use this puppy to both, block new outbursts of the virii packets ONLY (level 7 filtering, will work with http, smtp, anything in between, matching rules) and you can use swatch to scan the alarm logs and mail you the second it detects virii data.
Dig into it on the honeynet's project homepage (url not at hand, STFGoogle), and while you are at it, dig into the bridging firewall patch along with ebtables which will let you just pop in this box as a transparent firewall in your existing infrastructure.
Now, for the extra discussion, feel free to mark me as offtopic, wouldnt it be KEWL if ppl started working in making snort-ids a level 7 firewall propper? I dont have the skills, but it would be a paketeer killer and it would only be missing some twitches to the detection engine and the autodiscovery of protocols which can be a bliss with soem perl and fw logs....just a thought...
The French intelligence services work very closely with French businesses.
And, to be fair, US intelligence service works occasionally closely with US corporations (there were some cases related to airplane industry where EU was investigating how come US company had found out what some european company was bidding).
Ocassionally? Not so. All the staged-by-CIA coup de etats in latin america were pushed by corporations (United Fruit, Folgers...etc.) when the government of any given country tried to get better deals for the workers (if you want to call that communism, go ahead).
THe irak war? I can think of a couple of oil companies (incidentaly, belonging to the Bush family) and american banks that are more than happy with the outcome.
Debian GNU/BSD is started and we end up with the exact same debian with a bsd kernel (not the same as the one above). It would be good to get berkeley relicense it GPL if possible (ya right).
We port all the linux drivers and relevant coolstuff(TM) to the BSD kernel.
We still have a full FLOSS OS with a killer ultra-scalable kernel.
If HURD is done before that (dont grin), then kill BSD and use plain HURD.
I dont know about you. I charge 70 dollars for each debian i sell, just for distributing it. Its a pain for me to burn them, if you dont like the price, go download them yourself.
I also charge installation fees and support contracts for exactly the same price as many Unix admin/consultant (60 to 200 bucks an hour personal price, as much as 1,500 dls an hour for an ibm consultant, depends on the job)
thiscomputer costs X, thiscomputer2 costs Y, Y X for ANY instance thiscomputer.
Now, someone to put that in english and youre home free.
Arguments:
yeah, you can edit word documents although they will, in some very few cases, need tweaking when they come from word and you need to edit them. Viewing them is no problem though, this will open them all with no problem.
Also, sending stuff to other ppl will be no problem either, you just save it into a format called PDF and everyone in the world will be able to read them.
Yeah, this will connect to the internet. Configuring it is the same as in windows, just open the internet connection menuoption. Its all in this slick short mandrake/redhat/suse manual.
NOW, if your shop tried to do this with no manuals, no start-here guide with the five steps to link to the internet, editing documents and configuring the printer, then its all your fault. That was supposed to be your job.
What the hell. YEAH, this technology can take the power (and money) OFF micrisoft and into YOUR pockets. But for christ sakes, you have to work a little more to achieve an acceptable level of quality for your average user. What did you think!, it came all ready for THEM? NO it comes ready for YOU so that YOU make it easy for THEM.
Ive done it, ive used it in LARGE environments (2000/4000) users.
It requires tweaking and a bit of patience but its a great tool, XML-RPC/SOAP enabled, and it has an Outlook connector called HAMOA (which is mysql-like open source). It also has the bricks already layed out to sync to palms and whatever.
Its a great groupware infrastructure, better in many terms than exchange.
I like IBM's stand on linux just as much as the next guy, but i read a cool book by Andres Openheimer (Andy is his CNN corresponsal nickname so you wasps can trust him, he is argentinian in origin).
He wrote a book, i dont know if he wrote it in english too, called Ojos Vendados (Veiled eyes or something), where he detailed a couple of the largest scams ever made in the history of latin america and how IBM was all in it.
The scam was a project to provission all of the tecnology of the arentinian national bank, this was a billion dollar project!
What arentinian authorities discovered was that ibm bribed a couple of hundred top level employees of the bank, the project's cost was 600 million dollars real cost, a similar sum just in bribes.
So, no business is a moral entity, distrust any moral entity/organization that calls itself so (especially your church), keep things in perspective, uncle bush is friends with uncle gates, so not even the auditors can be trusted.
You DONT know for a fact if its legal to share this. This could mean a tremendous blow, maybe even a staged trap against the GPL.
You are not "cool" if you break the law. Remember pirates are the worst enemy of open source software. If you download and use this code now, without being clear about its legitimacy, you are working against open source, against the GPL and against all that is good and lawfull.
Um....
Well....i gues i shouldnt start a discussion here so mod me down but well....
the quality is behind and that extra quality which OSX has, is exactly what Linux is missing. When Linux gets quality, eye candy, or whatever you call it, the masses will come along.
Are you aware that linux is installed in a great many more boxes than MacOSX ever will?
I agree partly with the statement that human life is allways more important BUT, iraq is somehow of the mother of all archeologicall sites....
My friend, most of the bible's stories has iraq as a background. Not only writing, but navigation, maps, law.... a large host of things where made in the area.
So lets gravitate to the middle, we can agree that war is allways a pitifull, incredibly animal and uncivilized thing.
We can agree that human life is more important than any piece of clay.
We can agree that iraq is one of the most important and amazing sites. The origin of western civilization.
So now, should america nuke it?
So now, should iraq nuke anyone else?
So now, should israel nuke iraq?
Is any of this justified over some oil, saddam's manhood (or lack thereoff), religious and nationalistic (practically fascist) arab feelings?
No, No No No.... im tired of all... im tired of germanies, france, russia hipocresy (they have allways been ruthless with their colonies, murderers as any powerfull nation).
Im tired of the US allways protecting the interest of the incredebly pitifull american "culture". Fucking bunch of barbarians that, come on, drool over fucking pecan pie or big-macs (that says a lot about a country).
Im tired of the damned arabs with their cocky attitude, thinking the truth is what they hold when mostly they arent even refering to the profets words, but to their own bloody local traditions (look up what the q'ran of omar says, versus to what the rest of the books say....the qran is pretty peacefull, the rest of the stories are bloody shows of animality and disgrace).
Humanity is inexistant, we are all sick, noone has the moral pull to convince anyone. All have ulterior motives, and yet, they will decide....i just hope an asteroid fucks us up before we do.
Slashdot Mirror
And this should bring in another discusssion on the use of snort-inline.
Let me ellaborate:
Snort inline is a branch of snort, an IDS (Intrussion Detection System) that can hook your ID rules to iptables via libipq.
You can use this thing as an Intrussion Prevention System, but really, that isnt much different from a level 7 firewall like paketeer.
Of course, this means nothing about the problem at hand in that it wont solve the 'dorm to a crawl' problem, but if you get to a controlled state where you know most machines in the dorm are not infected, you can use this puppy to both, block new outbursts of the virii packets ONLY (level 7 filtering, will work with http, smtp, anything in between, matching rules) and you can use swatch to scan the alarm logs and mail you the second it detects virii data.
Dig into it on the honeynet's project homepage (url not at hand, STFGoogle), and while you are at it, dig into the bridging firewall patch along with ebtables which will let you just pop in this box as a transparent firewall in your existing infrastructure.
Now, for the extra discussion, feel free to mark me as offtopic, wouldnt it be KEWL if ppl started working in making snort-ids a level 7 firewall propper? I dont have the skills, but it would be a paketeer killer and it would only be missing some twitches to the detection engine and the autodiscovery of protocols which can be a bliss with soem perl and fw logs....just a thought...
Now, discuss amongst yourselves......
Now SCO owns my fridge, the tv, the washing machine...etc.
Doesnt it make you shiver to have McBride come in and take your slushie blender from your hands?
Dont americans want one of this? Arent you the least bit worried about the loss of your freedoms both online and offline.
I say Kudos for America, and lets try and make an anonimizer for american citizens.
Come on. With all the expossure SCO has had, its probably all those linux clients trying to buy their licence....
DDOS attack...pfhe!
The NERVE! To not clearly side up in an emacs/vi question!
This is where trust just erodes....
(LOL)
I havent been able to beat gnuchess....:(
The French intelligence services work very closely with French businesses.
And, to be fair, US intelligence service works occasionally closely with US corporations (there were some cases related to airplane industry where EU was investigating how come US company had found out what some european company was bidding).
Ocassionally? Not so. All the staged-by-CIA coup de etats in latin america were pushed by corporations (United Fruit, Folgers...etc.) when the government of any given country tried to get better deals for the workers (if you want to call that communism, go ahead).
THe irak war? I can think of a couple of oil companies (incidentaly, belonging to the Bush family) and american banks that are more than happy with the outcome.
WILL mark this as non-free. This is not a troll.
Read the debian free software guidelines.
Yeah, you're right... what the US needs is a good dictator.
She already has one.
The medium term scenario is this:
Lawsuits extend long enough to hurt linux badly
Debian/BSD is propperly finished
Debian GNU/BSD is started and we end up with the exact same debian with a bsd kernel (not the same as the one above). It would be good to get berkeley relicense it GPL if possible (ya right).
We port all the linux drivers and relevant coolstuff(TM) to the BSD kernel.
We still have a full FLOSS OS with a killer ultra-scalable kernel.
If HURD is done before that (dont grin), then kill BSD and use plain HURD.
I dont know about you. I charge 70 dollars for each debian i sell, just for distributing it. Its a pain for me to burn them, if you dont like the price, go download them yourself.
I also charge installation fees and support contracts for exactly the same price as many Unix admin/consultant (60 to 200 bucks an hour personal price, as much as 1,500 dls an hour for an ibm consultant, depends on the job)
Sell free software
Send the invoice
Get the check
Go to the bank
Pay my bills
What did you think? Its the same as selling anything. If ive sold it i made money.
thiscomputer costs X, thiscomputer2 costs Y, Y X for ANY instance thiscomputer.
Now, someone to put that in english and youre home free.
Arguments:
yeah, you can edit word documents although they will, in some very few cases, need tweaking when they come from word and you need to edit them. Viewing them is no problem though, this will open them all with no problem.
Also, sending stuff to other ppl will be no problem either, you just save it into a format called PDF and everyone in the world will be able to read them.
Yeah, this will connect to the internet. Configuring it is the same as in windows, just open the internet connection menuoption. Its all in this slick short mandrake/redhat/suse manual.
NOW, if your shop tried to do this with no manuals, no start-here guide with the five steps to link to the internet, editing documents and configuring the printer, then its all your fault. That was supposed to be your job.
What the hell. YEAH, this technology can take the power (and money) OFF micrisoft and into YOUR pockets. But for christ sakes, you have to work a little more to achieve an acceptable level of quality for your average user. What did you think!, it came all ready for THEM? NO it comes ready for YOU so that YOU make it easy for THEM.
It has an outlook sync connector
Ive done it, ive used it in LARGE environments (2000/4000) users.
It requires tweaking and a bit of patience but its a great tool, XML-RPC/SOAP enabled, and it has an Outlook connector called HAMOA (which is mysql-like open source). It also has the bricks already layed out to sync to palms and whatever.
Its a great groupware infrastructure, better in many terms than exchange.
www.phpgroupware.org
.... at least this suit has gotten Linux mentioned in many places where it normally wouldn't be.
Same applies to SCO. Hell, i had forgotten them...
SeCX YOU!
I like IBM's stand on linux just as much as the next guy, but i read a cool book by Andres Openheimer (Andy is his CNN corresponsal nickname so you wasps can trust him, he is argentinian in origin).
He wrote a book, i dont know if he wrote it in english too, called Ojos Vendados (Veiled eyes or something), where he detailed a couple of the largest scams ever made in the history of latin america and how IBM was all in it.
The scam was a project to provission all of the tecnology of the arentinian national bank, this was a billion dollar project!
What arentinian authorities discovered was that ibm bribed a couple of hundred top level employees of the bank, the project's cost was 600 million dollars real cost, a similar sum just in bribes.
So, no business is a moral entity, distrust any moral entity/organization that calls itself so (especially your church), keep things in perspective, uncle bush is friends with uncle gates, so not even the auditors can be trusted.
Lex
You DONT know for a fact if its legal to share this. This could mean a tremendous blow, maybe even a staged trap against the GPL.
You are not "cool" if you break the law. Remember pirates are the worst enemy of open source software. If you download and use this code now, without being clear about its legitimacy, you are working against open source, against the GPL and against all that is good and lawfull.
Dont be stupid for christ sakes!
Um....
Well....i gues i shouldnt start a discussion here so mod me down but well....
the quality is behind and that extra quality which OSX has, is exactly what Linux is missing. When Linux gets quality, eye candy, or whatever you call it, the masses will come along.
Are you aware that linux is installed in a great many more boxes than MacOSX ever will?
-1, repetitive
Welcome to america......the land of the free, the home of the brave....
How much longer will you americans tolerate the assesination of the liberties you, yourselves gave birth to?
Bush has brought the future non-society portrayed in Snowcrash to the scariest reality. Its 1984 all over again, but off the book and into my life.
FUCK Google for this....
Digitizing natural proceses should not warrant you a patent....
hell, what if va patents software development change-control procedures just because they own a fucking website.
I agree partly with the statement that human life is allways more important BUT, iraq is somehow of the mother of all archeologicall sites....
My friend, most of the bible's stories has iraq as a background. Not only writing, but navigation, maps, law.... a large host of things where made in the area.
So lets gravitate to the middle, we can agree that war is allways a pitifull, incredibly animal and uncivilized thing.
We can agree that human life is more important than any piece of clay.
We can agree that iraq is one of the most important and amazing sites. The origin of western civilization.
So now, should america nuke it?
So now, should iraq nuke anyone else?
So now, should israel nuke iraq?
Is any of this justified over some oil, saddam's manhood (or lack thereoff), religious and nationalistic (practically fascist) arab feelings?
No, No No No.... im tired of all... im tired of germanies, france, russia hipocresy (they have allways been ruthless with their colonies, murderers as any powerfull nation).
Im tired of the US allways protecting the interest of the incredebly pitifull american "culture". Fucking bunch of barbarians that, come on, drool over fucking pecan pie or big-macs (that says a lot about a country).
Im tired of the damned arabs with their cocky attitude, thinking the truth is what they hold when mostly they arent even refering to the profets words, but to their own bloody local traditions (look up what the q'ran of omar says, versus to what the rest of the books say....the qran is pretty peacefull, the rest of the stories are bloody shows of animality and disgrace).
Humanity is inexistant, we are all sick, noone has the moral pull to convince anyone. All have ulterior motives, and yet, they will decide....i just hope an asteroid fucks us up before we do.
And there..... we are back to where we started.
(e.g., perl scripters are higher up the ranks than bourne scripters)
WHAT!? perl is easyer, thus, codemonkey needs less neurons
if it will get those fsking spammers off my back.ç
I swear to god ill be the first to applaud them.