...Job #1: boot from the CD and partition and format the drive...
I've learned the hard way there is a Job #0. Low level format and test the hard drive (IDEs, I don't get to work with many SCSIs). This is regardless of the OS. I've seen drives fail and roughly one-third to half the time a low level format restores them to perfect working order. The first one I used this method one has been running in my home server now for more than 2 years just fine. I've not have one disk I've done this to fail, while some I skipped this step to save time have failed. I don't know why this method works, but it does.
I've since started doing this on every HD. Better to know it's good before the OS install than to find out later it's not at what will mostly likely be a bad time. And the system is down in the meantime, the client is not happy, and data may be lost.
For those interested, both Maxtor and Western Digital have a free HD tools program you can download and both sets of tools run off a floppy. Either one will work on any IDE ATAPI hard drive, regardless of manufacturer. Personally, I like the Maxtor program better.
I don't use Linux for political or ideological reasons. I use it because it works well for a few jobs. I imagine-- just making an educated guess, her-- that the vast majority of Linux users are in the same situation as me. They use it because, for whatever their purpose is, it works.
To ignore the political aspect is foolish at best. Just recently/. posted a story on Andreas Pour on KDE (interview here) where he went on at some length about the dangers of trusting your data to closed, proprietary systems. I chose Linux because I don't want to lose some of my freedom to a private corporation (*cough*MS*cough). There are times I have to bite the bullent and use Windows and Office ( and etc.), but I always look for ways to avoid them and use open systems instead.
Someone once said there are two solutions for every problem: the easy way and the right way. Freedom is the right way, and Linux gives me freedom.
I'm not so sure. First, the ISP's being sued do have the money to fight. At least they have a chance (the old justice to the highest bidder game). And they have incentive to fight.
If they win, they now have a legal precident which would help deter future lawsuits, not just from the **AA, but from anyone with a gripe about a website. Think abortion friend/foe, various religious groups, companies (MS suing to block Linux sites for instance), etc. Face it. If every web site that contained something someone didn't like was blocked, there would be very few websites. If they fail to fight, they are just inviting many more lawsuits, again, not just from the **AA (see list above).
Now the big question is are the execs at the ISPs bright enough to see this.
It's been my experience that the skill of the admin for the box (and management's willingness to let the admin do his job) has much to do with the security of the box. A good Windows admin (if you can find one) will have a more secure box than a lousy *nix admin. (If both admins are equally good, I'd bet on the *nix over windows any day.)
IMHO, Mandrake has a good idea for their install. At the end of the install, before any servers are turned on, it prompts you to update if you have an internet connection. This feature adds security relatively painlessly.
When digitizing my photos, I've found Gimp to be really helpful. Especially the image->colors->curves (although this takes practice and patience) and image->color->levels. The levels auto button does an excellent job, although sometimes I still have to manually tweak it. The clone tool has also proven useful. And gimp is open-source, free, and available for windoze users too.
Also helpful are some of the scanner tutorials out on the web. My scans improved considerably after reading just one. I wish I had read it before I bought my scanner. I would have bought a different scanner if I had.
Loading a virus scanner on an already infected machine is likely to fail. I've found however, with a little help, AVG will clean Klez. First, boot in safe mode and delete the wink-something.exe file. Then reboot and install AVG. Then update (I have it downloaded already and just use the download file to do the update). Then scan. Seems to clean rather well. To test, I then added the harddrive as a slave to a clean machine with Norton already installed. Scanned with Norton and it came back clean.
I didn't try this with Nimda, but I suspect the process is the same. If you don't clean out the running virus executable BEFORE attempting to load and clean, you won't clean.
With some virii (Klez) actively attacking Norton, and McAfee being trouble (I've lost count how many boot up problems I've traced directly to McAfee, and then this JPG nonsense), maybe there is room for a smaller player. Certainly the price of AVG, free for home use, will offer many people better protection than nothing, which is what they would other have (too cheap to buy Norton or something else).
...Then we had one of our trainers going around suggesting to users that they use their year of birth as their password...nobody knows anyone else's year of birth, right? We actually had a user at one site write THAT one down on a post-it note, too...
I can out do that easy. At a company I used to work for, the username was, in all but a handful of cases, the person's first name. I kid you not. I had 13 different individuals (and 2 were repeat offenders) who couldn't log in because they forget their username.
BTW, I suggested to one repeat offender she write it on her hand. She was upset because she thought I was calling her stupid. (I was, of course.)
Burden of proof isn't the problem. Damages are. In my case, Experian (gee, the same company mentioned in the article), has royally screwed up my report with incorrect info. I did everything proper to try and get them to correct it. They flattly refused. I went to a lawyer specializing in these matters. He told that while I did have a strong case, suing would be a bad idea. Unless I could prove damages, I wouldn't even recover my attorney fees, let alone be compensated. You have to sue in federal court BTW. Expensive.
...whenever you get an update, your Tivo gets a message for you with information about what's changed, etc...
Well, I have a tivo and my system now has the 3.0 software, but I didn't get any message other than one about tivo2 available for sale in bestbuy. Of course, I already have a tivo2...
It was only by luck I happen to notice the software upgrade. My tivo was acting strange, and I went into the system status to see what was going on.
Overall, I don't notice any change so far, except for the dail-up time is now during the day.
...it seems to me, at least in the US, that salary is based on the potential for bringing in revenue for the company.
In theory, yes, this is the way it should be. But in practice, the things I've seen make me wonder. Think about those in charge at Enron. I'm sure upper management was very well compensated. I'm sure you know the rest of the story.
There are more stories from my personal life that cast some doubt on that theory too. Too many to write now.
...Honestly, if they pass this by secret ballot, I'll have no problems voting against every incumbent..
I already do vote against every incumbent. (Of course, since 1992, I've haven't voted for a winner.) Anyway, the founders of the US wanted citizen legislators. Serve 1 or 2 terms then go home. That's why George Washington didn't run again after his second term. This ideal has sadly been forgotten.
...every time I send an email to a college professor asking about one of his papers or send an email to someone who posts on Slashdot I'm gunna get carted off because it is unsolicited email...
Most people consider unsolicited COMMERICAL email as spam. Asking a professor about a paper is usually not considered commerical. Therefore, it's not considered spam by most people and they probably won't object to strongly.
...the first thing to go will be...expensive-to-produce (SFX, CGI, and quality production values) shows. Instead, you'll see cheap reality TV crap and other things that can be done on a shoe-string budget.
Maybe I'm weird, but I rather watch a GOOD story with lousy special effects, than a horrible story with good special effects any day. Yes, the effects are nice, but when I watch tv, it is for the story.
Another note from bugtraq that will really push the numbers in favor of Windows. I quote: "* There is a distinct difference in the way that vulnerabilities are counted for Microsoft Windows and other operating systems. For instance, applications for Linux and BSD are often grouped in as subcomponents with the operating systems that they are shipped with. For Windows, applications and subcomponents such as Explorer often have their own packages that are considered vulnerable or not vulnerable outside of Windows and therefore may not be included in the count. This may skew numbers." MAY?!?!? More likely WILL.
So let's see. IE vulnerabilities aren't counted. There goes the fairness in the numbers right there. Was IIS counted?
while Windows is generally limited to relatively standard installations
I once got my hands on the oem installation kit and read through the licensing and instructions. Although I didn't understand everything, one thing I did understand is the OEMs, with a few very minor exceptions, must do a default install. They are prohibited, for instance, from removing or disabling IIS. I bet that'll make a big difference in the exploitablity of any bug and hence security.
When you use a non AIM client, you will likely NOT see the advertisements, thus there IS a loss of ad revenue...but one of the main issues here is that the AIM clones do not display the AIM advertisements.
I sometimes use the OFFICIAL AIM client for Linux. No ads there (yet!). If ads are so important, then how come an official client doesn't display ads? Given that, how can ads really be an issue?
Bombs are a whole new level though. It may infringe on his free speech rights...
Free speech is a precious thing and you should always defend free speech, even speech you don't like. Why? Because if it's ok to limit someone else's speech, how long before it's ok to limit yours?
It's one thing to have and even construct guns...
Our constitution gives us the right to bear arms. Not firearms, arms. A bomb is an arm, just as a knife is or a stun gun is. Unfortunately, that view is not shared by many who make our laws. I've lived in a city where guns, which can kill at a distance, are legal, but you are breaking the law if you have a stun gun, which won't kill period. Somehow the fact the city has drive-by shootings which do kill people, but no drive-by stun-gunnings seems to escape the politicians. Personally, I'd rather be stun-gunned than shot, and I have been shot.
I hope the open source directory takes off and actually takes in editors. I applied to DMOZ for a not too large category and got an instant rejection saying new editors should apply for a smaller category. Ok, I reapplied on for a much smaller category. That was about 2 months ago. (Both categories needed an editor, BADLY). Still haven't heard back. I begin to wonder if DMOZ is even using editors anymore.
As a followup, I tried it with just two blank spaces after the begin and everything was readable. Spaces were not stripped out. However, if I added a word after the two spaces (on the same line), sure enough, I got an illegible attachment. (Unless you count looking at the source, which was exactly as I sent it.)
Re:The best way to convert people from Microsoft..
on
Borking Outlook Express
·
· Score: 2, Interesting
From here on out, everything I post to mailing list and newsgroups will begin with:
Virus infected or Microsoft software may be confused by the following message:
begin
<aside>Good Joke</aside>
Maybe I'm missing something, but I tried that message beginning and some other text (sent from Mozilla 0.9.7+), back to myself and read it just fine with Outlook Express 5.01 SP2. No exchange servers in-between.
I'm wondering if the problem only affects Outlook and not Outlook Express, or is it only certain versions???
While I agree that catching the person behind this, and giving them real punishment, is the best solution, it is not the only one.
There have been a couple stories on/. already about those with insecure networks being sued and forced by the courts to shutdown until they can secure their networks. This (and others) ddos is probably coming from insecure computers. Yet, if you track down some of these computers, all but the smallest ISP's could care less that their network is being used to attack someone.
Perhaps some laws that make it easier and cheaper to shutdown the insecure computers will help put a stop to that. Perhaps something similar to the DMCA with regards to copyright infrigement, where if the ISP pulls the plug, they have legel liability protection, only with strong penalities for making a false report.
Slashdot Mirror
It only take one person to sound the alarm on a patch. Once that alarm is sounded, more eyeballs will look.
I've learned the hard way there is a Job #0. Low level format and test the hard drive (IDEs, I don't get to work with many SCSIs). This is regardless of the OS. I've seen drives fail and roughly one-third to half the time a low level format restores them to perfect working order. The first one I used this method one has been running in my home server now for more than 2 years just fine. I've not have one disk I've done this to fail, while some I skipped this step to save time have failed. I don't know why this method works, but it does.
I've since started doing this on every HD. Better to know it's good before the OS install than to find out later it's not at what will mostly likely be a bad time. And the system is down in the meantime, the client is not happy, and data may be lost.
For those interested, both Maxtor and Western Digital have a free HD tools program you can download and both sets of tools run off a floppy. Either one will work on any IDE ATAPI hard drive, regardless of manufacturer. Personally, I like the Maxtor program better.
I don't use Linux for political or ideological reasons. I use it because it works well for a few jobs. I imagine-- just making an educated guess, her-- that the vast majority of Linux users are in the same situation as me. They use it because, for whatever their purpose is, it works.
To ignore the political aspect is foolish at best. Just recently /. posted a story on Andreas Pour on KDE (interview here) where he went on at some length about the dangers of trusting your data to closed, proprietary systems. I chose Linux because I don't want to lose some of my freedom to a private corporation (*cough*MS*cough). There are times I have to bite the bullent and use Windows and Office ( and etc.), but I always look for ways to avoid them and use open systems instead.
Someone once said there are two solutions for every problem: the easy way and the right way. Freedom is the right way, and Linux gives me freedom.
I'm not so sure. First, the ISP's being sued do have the money to fight. At least they have a chance (the old justice to the highest bidder game). And they have incentive to fight.
If they win, they now have a legal precident which would help deter future lawsuits, not just from the **AA, but from anyone with a gripe about a website. Think abortion friend/foe, various religious groups, companies (MS suing to block Linux sites for instance), etc. Face it. If every web site that contained something someone didn't like was blocked, there would be very few websites. If they fail to fight, they are just inviting many more lawsuits, again, not just from the **AA (see list above).
Now the big question is are the execs at the ISPs bright enough to see this.
It's been my experience that the skill of the admin for the box (and management's willingness to let the admin do his job) has much to do with the security of the box. A good Windows admin (if you can find one) will have a more secure box than a lousy *nix admin. (If both admins are equally good, I'd bet on the *nix over windows any day.)
IMHO, Mandrake has a good idea for their install. At the end of the install, before any servers are turned on, it prompts you to update if you have an internet connection. This feature adds security relatively painlessly.
at Canon's website stating that this particular printer is not supported in WinXP...
Well, at least XP users now have something in common with nix users...hardware compatibility problems.:)
When digitizing my photos, I've found Gimp to be really helpful. Especially the image->colors->curves (although this takes practice and patience) and image->color->levels. The levels auto button does an excellent job, although sometimes I still have to manually tweak it. The clone tool has also proven useful. And gimp is open-source, free, and available for windoze users too.
Also helpful are some of the scanner tutorials out on the web. My scans improved considerably after reading just one. I wish I had read it before I bought my scanner. I would have bought a different scanner if I had.
Loading a virus scanner on an already infected machine is likely to fail. I've found however, with a little help, AVG will clean Klez. First, boot in safe mode and delete the wink-something.exe file. Then reboot and install AVG. Then update (I have it downloaded already and just use the download file to do the update). Then scan. Seems to clean rather well. To test, I then added the harddrive as a slave to a clean machine with Norton already installed. Scanned with Norton and it came back clean.
I didn't try this with Nimda, but I suspect the process is the same. If you don't clean out the running virus executable BEFORE attempting to load and clean, you won't clean.
With some virii (Klez) actively attacking Norton, and McAfee being trouble (I've lost count how many boot up problems I've traced directly to McAfee, and then this JPG nonsense), maybe there is room for a smaller player. Certainly the price of AVG, free for home use, will offer many people better protection than nothing, which is what they would other have (too cheap to buy Norton or something else).
You didn't read the sarcasm in the comment. To the best of my knowledge, MS has not released a patch. The "patch" mentioned is to switch to mozilla.
I can out do that easy. At a company I used to work for, the username was, in all but a handful of cases, the person's first name. I kid you not. I had 13 different individuals (and 2 were repeat offenders) who couldn't log in because they forget their username.
BTW, I suggested to one repeat offender she write it on her hand. She was upset because she thought I was calling her stupid. (I was, of course.)
Burden of proof isn't the problem. Damages are. In my case, Experian (gee, the same company mentioned in the article), has royally screwed up my report with incorrect info. I did everything proper to try and get them to correct it. They flattly refused. I went to a lawyer specializing in these matters. He told that while I did have a strong case, suing would be a bad idea. Unless I could prove damages, I wouldn't even recover my attorney fees, let alone be compensated. You have to sue in federal court BTW. Expensive.
...whenever you get an update, your Tivo gets a message for you with information about what's changed, etc...
Well, I have a tivo and my system now has the 3.0 software, but I didn't get any message other than one about tivo2 available for sale in bestbuy. Of course, I already have a tivo2...
It was only by luck I happen to notice the software upgrade. My tivo was acting strange, and I went into the system status to see what was going on.
Overall, I don't notice any change so far, except for the dail-up time is now during the day.
In theory, yes, this is the way it should be. But in practice, the things I've seen make me wonder. Think about those in charge at Enron. I'm sure upper management was very well compensated. I'm sure you know the rest of the story.
There are more stories from my personal life that cast some doubt on that theory too. Too many to write now.
I already do vote against every incumbent. (Of course, since 1992, I've haven't voted for a winner.) Anyway, the founders of the US wanted citizen legislators. Serve 1 or 2 terms then go home. That's why George Washington didn't run again after his second term. This ideal has sadly been forgotten.
Most people consider unsolicited COMMERICAL email as spam. Asking a professor about a paper is usually not considered commerical. Therefore, it's not considered spam by most people and they probably won't object to strongly.
Maybe I'm weird, but I rather watch a GOOD story with lousy special effects, than a horrible story with good special effects any day. Yes, the effects are nice, but when I watch tv, it is for the story.
Another note from bugtraq that will really push the numbers in favor of Windows. I quote: "* There is a distinct difference in the way that vulnerabilities are counted for Microsoft Windows and other operating systems. For instance, applications for Linux and BSD are often grouped in as subcomponents with the operating systems that they are shipped with. For Windows, applications and subcomponents such as Explorer often have their own packages that are considered vulnerable or not vulnerable outside of Windows and therefore may not be included in the count. This may skew numbers." MAY?!?!? More likely WILL.
So let's see. IE vulnerabilities aren't counted. There goes the fairness in the numbers right there. Was IIS counted?
while Windows is generally limited to relatively standard installations
I once got my hands on the oem installation kit and read through the licensing and instructions. Although I didn't understand everything, one thing I did understand is the OEMs, with a few very minor exceptions, must do a default install. They are prohibited, for instance, from removing or disabling IIS. I bet that'll make a big difference in the exploitablity of any bug and hence security.
When you use a non AIM client, you will likely NOT see the advertisements, thus there IS a loss of ad revenue...but one of the main issues here is that the AIM clones do not display the AIM advertisements.
I sometimes use the OFFICIAL AIM client for Linux. No ads there (yet!). If ads are so important, then how come an official client doesn't display ads? Given that, how can ads really be an issue?
Bombs are a whole new level though. It may infringe on his free speech rights...
Free speech is a precious thing and you should always defend free speech, even speech you don't like. Why? Because if it's ok to limit someone else's speech, how long before it's ok to limit yours?
It's one thing to have and even construct guns...
Our constitution gives us the right to bear arms. Not firearms, arms. A bomb is an arm, just as a knife is or a stun gun is. Unfortunately, that view is not shared by many who make our laws. I've lived in a city where guns, which can kill at a distance, are legal, but you are breaking the law if you have a stun gun, which won't kill period. Somehow the fact the city has drive-by shootings which do kill people, but no drive-by stun-gunnings seems to escape the politicians. Personally, I'd rather be stun-gunned than shot, and I have been shot.
Actually, I don't think the would have come in so heavily armed if it was just a child molester. :^)
I hope the open source directory takes off and actually takes in editors. I applied to DMOZ for a not too large category and got an instant rejection saying new editors should apply for a smaller category. Ok, I reapplied on for a much smaller category. That was about 2 months ago. (Both categories needed an editor, BADLY). Still haven't heard back. I begin to wonder if DMOZ is even using editors anymore.
As a followup, I tried it with just two blank spaces after the begin and everything was readable. Spaces were not stripped out. However, if I added a word after the two spaces (on the same line), sure enough, I got an illegible attachment. (Unless you count looking at the source, which was exactly as I sent it.)
From here on out, everything I post to mailing list and newsgroups will begin with:
Virus infected or Microsoft software may be confused by the following message:
begin
<aside>Good Joke</aside>
Maybe I'm missing something, but I tried that message beginning and some other text (sent from Mozilla 0.9.7+), back to myself and read it just fine with Outlook Express 5.01 SP2. No exchange servers in-between.
I'm wondering if the problem only affects Outlook and not Outlook Express, or is it only certain versions???
While I agree that catching the person behind this, and giving them real punishment, is the best solution, it is not the only one.
There have been a couple stories on /. already about those with insecure networks being sued and forced by the courts to shutdown until they can secure their networks. This (and others) ddos is probably coming from insecure computers. Yet, if you track down some of these computers, all but the smallest ISP's could care less that their network is being used to attack someone.
Perhaps some laws that make it easier and cheaper to shutdown the insecure computers will help put a stop to that. Perhaps something similar to the DMCA with regards to copyright infrigement, where if the ISP pulls the plug, they have legel liability protection, only with strong penalities for making a false report.