Both code blocks require the math (two subtracts, two multiplies, an add, and a square root) but the original block (unoptimized) also requires the allocation of the Point object and the two memory copies to store the (x,y) location.
Unless you clone the object it is a shallow copy.... that is to say it is a reference variable pointing to the same Point object, not a reference variable pointing to a whole new Point object.
Furthermore the compiler will optimize your code.... compile the class both ways and compare the byte code instruction with javap -c Point
the method is the same for both idioms:
I suspect that most of your "performance" issues do not really exist, but rather, they stem from a lack of knowledge and poor perception on your part.
I figure their open source programs like NSIS will stay open, but what about programs like shoutcast?
And please tell me that someone will be maintaining BEEP
Exactly why is letting a DDoS crush your service to everyone when they attack one of your sites better than blocking customers in one group?
It would be a nice idea, but the DDoS attackers would simply have their programs assign random fake IP addresses to each phony request. They do not need to have the junk responses returned to them.
They could also spoof IPs of other servers vital to the one they are attacking so if they mistakenly blocked them they would be in a world of hurt.
You are dead on with this one, but a better analogy is:
people are not afraid of a "therapist" because it is too close to "the rapist".
If you use snort then you've upped the stakes a bit in that the spoofed traffic is quite a lot harder to create but it's not impossible. You only need to lose DNS access and the system will be knackered.
:)
Fortunately, I have whitelisted important services like DNS. But I am still very cautious about this, because it is actually much easier than you might think to trigger a positive (or even a false positive) for snort. A false positive for example would be, IIRC, sending an email (accepted or not) that does not have a newline character within 100 characters of the Content-Type header. This would be trivial to manufacture and is part of the default set of snort rules. I am sure there are other ones out there with smaller payloads for a more efficient attack. Thanks for the input, it has been very helpful
Are you familiar with snort2pf [gnu.org]?
What do you think of it? How does it compare with what you've done?
Actually, no. I tried to find tools that did this for me, but instead I ended up making my own. Reading the description for snort2pf, it appears as though it just checks the alert for dangerous entries... it looks like a nice all in one package.
What my setup is able to do is to handle different log files and I can handle nuisance traffic too. Like http_access referrer spam (you know those damn entries for surfcorp.com/s.php?uid=1234&key=value&key= etc ) I get hundreds of bad requests from Australian computers so I use this to ban the IPs....
Cool, do you have this blogged somewhere? I am interested in reading more if you have written anything on the setup.
sorry no blog, but this has motivated me to get one going. However, my setup does need some work before it would be worth making public.
I've just finished a setup with snort, apf, logsurfer and a custom program to create a live response firewall.
snort will detect the offensive network traffic and put it into the alert log file. Logsurfer will then trigger and email me with a notice, it will run a program I wrote to blacklist the attacking IP (my program checks to make sure the IP is not already banned and makes sure the IP is not my own so I do not get locked out). Finally, my program updates the firewall to block the bastard.
The only hole I see in this setup is a DoS by attacking with different spoofed "from IPs" until the firewall rules are too big, or too many legit servers are banned.
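The ban step described above, as an added sketch that is not the poster's program: it parses Snort fast-format alert lines, skips whitelisted and already-banned sources, and caps the ban table so spoofed sources cannot grow the rule set without bound. The class and function names, the cap, the whitelist entries and the sample alerts are all assumptions constructed for illustration; the firewall update itself is left to the caller.

```python
import ipaddress
import re
from collections import OrderedDict

# Snort "fast" alert lines end with: {PROTO} src[:port] -> dst[:port]
ALERT_RE = re.compile(r"\{\w+\}\s+(?P<src>\d{1,3}(?:\.\d{1,3}){3})(?::\d+)?\s+->")

# Assumed addresses: this host and its DNS resolver must never be banned.
WHITELIST = [ipaddress.ip_network(n) for n in ("192.0.2.10/32", "198.51.100.53/32")]
MAX_BANS = 3  # deliberately tiny for the demo


class BanTable:
    def __init__(self, whitelist=WHITELIST, max_bans=MAX_BANS):
        self.whitelist = whitelist
        self.max_bans = max_bans
        self.banned = OrderedDict()  # ip -> alert count, oldest ban first

    def handle(self, line):
        """Return (action, ip, evicted_ip) for one alert line."""
        m = ALERT_RE.search(line)
        if not m:
            return ("ignore", None, None)
        try:
            ip = ipaddress.ip_address(m.group("src"))
        except ValueError:  # e.g. 999.1.1.1 passes the regex but is not an address
            return ("ignore", None, None)
        key = str(ip)
        if any(ip in net for net in self.whitelist):
            return ("skip-whitelist", key, None)
        if key in self.banned:
            self.banned[key] += 1  # already blocked: no duplicate firewall rule
            return ("skip-known", key, None)
        evicted = None
        if len(self.banned) >= self.max_bans:
            # Table full: drop the oldest ban instead of growing the rule set.
            evicted, _ = self.banned.popitem(last=False)
        self.banned[key] = 1
        return ("ban", key, evicted)


# Constructed sample alerts (documentation address ranges, made-up rule id).
PREFIX = "06/01-12:00:01.000000  [**] [1:1000001:1] constructed alert [**] [Priority: 2] "
SAMPLE_ALERTS = [
    PREFIX + "{TCP} 203.0.113.5:4431 -> 192.0.2.10:80",
    PREFIX + "{TCP} 203.0.113.5:4432 -> 192.0.2.10:80",
    PREFIX + "{UDP} 198.51.100.53:53 -> 192.0.2.10:33000",
    PREFIX + "{ICMP} 203.0.113.6 -> 192.0.2.10",
    PREFIX + "{TCP} 203.0.113.7:5000 -> 192.0.2.10:25",
    PREFIX + "{TCP} 203.0.113.8:5001 -> 192.0.2.10:25",
    "not an alert line",
]


def process(lines, table=None):
    table = table or BanTable()
    return [table.handle(line) for line in lines]


if __name__ == "__main__":
    for result in process(SAMPLE_ALERTS):
        print(result)
```

The caller would add a firewall rule for each "ban" result and remove the rule for any evicted address, so the rule count never exceeds the cap.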
You forgot 5MEO-DMT and 2C-T-7
;)... honestly though, I never did the lunch hour thing.
5MEOwid.org/chemicals/5meo_dmt is a 15 minute mind blowing trip (great for lunch hours)
2C-T-7, well it's just great.
Also you can get LSA (an LSD derivative) from Hawaiian Baby Woodrose seeds or from morning glory seeds.
And let us not forget good old san pedro cactus which is another mescaline source
You've got me there, the whole kitten kaboodle ;) :)
doooly noted
I'll use the correct phrase from now on... it is funny how many phrases are understood verbally, but people (myself included) do not know how to actually write them.
W64.Rugrat is a fairly simple proof-of-concept virus. However, it is the first known virus to attack 64-bit Windows executables on IA64 systems intentionally, and it does so successfully. The virus uses a handful of Win64 API-s from 3 different libraries, NTDLL.DLL, SFC_OS.DLL and KERNEL32 respectively.
From NTDLL.DLL the virus uses the following 3 functions: LdrGetDllHandle(), RtlAddVectoredExceptionHandler() and RtlRemoveVectoredExceptionHandler(). The virus supports vectored exception handling to avoid crashing during infections.
Yes, the virus uses three DLLs. It also uses a routine to avoid crashing itself while infecting the machine... it does not look like the virus cares about crashing other applications.
The thing to pay attention to here is that this is a fault tolerant virus. I have seen more and more effort lately (Sasser for example avoids shutdowns to help it propagate) from authors trying to make their creation survive.
That is like saying Newton can't take any credit for calculus because he built off of the math that others before him created (or better yet "discovered"). Newton made calculus from the rules of math, and more specifically the rules of trigonometry.
Alan made a generic universal computer from the rules of logic. Logic itself is not computation, and cannot solve a problem, however, the application of logic can. Hence Alan gets the credit.
from dictionary.com:
stealing
1. To take (the property of another) without right or permission.
property
[...]
c. Something tangible or intangible to which its owner has legal title: properties such as copyrights and trademarks.
Stealing, in short, is depriving someone of goods or a service. When someone copies an album it is not stealing (but is copyright infringement) because they may not have purchased it in the first place, you cannot argue absolute property loss directly or indirectly from a situation that may never have occurred (the purchase of the copyrighted work).
"You bring your car to the garage. It gets fixed and the bill comes to some amount of money. You are expected to pay the mechanic this amount."
In this case you DID get your car serviced so you DO owe money.
"Did you just steal from the city or not? You didn't take anything "physical" from them."
Again, you are misunderstanding the meaning (or perhaps citing people who have worded the point poorly). You are taking a measurable amount of electricity from the city that will directly affect their pocket book. You owe the money.
> IIRC .ZIP files were stored in plaintext, so you could easily unlock it with viewing it in a hex editor
YDNRC (you do not recall correctly)... zip files use XOR or some other simple encryption measure with the password as the key, it is not stored. The best Zip crackers take hours to crack a zip with a password length over 6 characters.
PKzip has a patent on and is using real encryption on their zip files which offers much greater protection than a zip file.
Four words to enjoy a movie by:
temporary suspension of belief
ooooooooooooooooooooooooooooooooohhhhhh the stinging sarcasm... I will need some therapy and meds to recover from that blow.
post like a man, not anon like a chump.
Indeed!
Half of his posts are about how Amazon is cheaper than bn.com and spend X more to get free shipping. I've seen a lot of trolling spamming scum like this lately.
Same text every time too... like it is a script making the post or something.
based on past history ;)
as opposed to future history
sorry I couldn't resist.
If you are forced to say it in grade school regardless of your religion, or forced to "so help me god" in court, and when congress and judges start their sessions they are to start with a pledge clearly favoring one religion and money states "in god we trust" and ten commandments are displayed but not the tenets of every other religion (not even the tenets of any other religion for that matter)....
then the government is establishing one religion over another.
So with the current pledge of allegiance we are actually saying... atheists, polytheists, and all other non Jewish/Christian religions need not pledge their allegiance to America at all.
Is that what we want to do? Marginalize other religions so we can someday enjoy the strife of the middle east? You are missing the point.
All mozilla needs to do is have code like the following:and any geek can recompile it and run it... I am sure most of us have a friend who can do it for us if we are not able to.
I've notified NYT that you've posted their copyrighted works illegally. I'm sure ./ will have to remove your post after they receive a cease and desist order. The registration is in place to protect the NYT's property, not for you to smile at while you circumvent it.
lol... I haven't laughed that hard in a very long time
And the NO CARRIER joke wasn't funny the first million times I've heard it. The MODS are stupid if they think this is "funny"
That "memo" looks more like an advertisement to me. Read it and see how much Bill gabs on and on about all the good things that Windows, .NET, et al provides.
Even when security is their number one priority advertising is still their other number one priority.
FUD... there is creatine in your body every moment of every day. Especially if you eat fish or seafood. Two worrisome cases? Two? Sh!t the sky is falling.
No it didn't. FUD. According to
FUD = Fear, Uncertainty, and Doubt
Overexaggeration is not FUD. It may be inaccurate or perhaps just plain wrong, but it is not FUD.
Irregardless, this is no excuse for hosting 40GB of this tripe
if only that was actually a word I might respect your opinion.
"You probably helped put that Pawlenty drone in power. Good job."
Thanks! It kept the kook who ran against him out.
lol, you are stupid and funny
"By the way Wellstone voted against Arctic drilling"
I guess he wants the oil to come from Iran instead.
Specious reasoning... like Antarctica had enough oil for us anyways.
"voted YES on keeping CAFE fuel efficiency standards"
Get government out of this. Thanks for the tiny unsafe cars, Paul!
fuel efficiency != tiny unsafe cars
"safe" SUV == dependencies on foreign oil
"voted NO on defunding renewable and solar energy"
So he voted no on stopping wasting money on corporate welfare for energy corporations?
Lessens our dependencies on foreign oil (kinda shoots down your inane Iran allusion)
"voted YES on prohibiting job discrimination by sexual orientation"
Yet, he favors companies firing people who do not join political organizations.
how?
ooooh and what about term limits, you skirted around that one.
What a bastard, indeed.
much less so than you