The problem is that the internet is not symmetrical. Eyeball ISPs will always have 100+:1 download vs upload ratios. So they can't ask for 1:1 peering ratios.
I'd say the ISP benefits from the peering with netflix, they get happy customers, netflix doesn't soak their transit, and they get more control over where netflix enters their network. Peering + local caches can reduce the 'cost' of netflix to the ISP to just some switch ports.
The attacker in this case was only armed with a known exploit for vBulletin. I am guessing they didn't even know NetIQ was there.
Using any external authentication system would be a benefit in the case of a vBulletin exploit, as vBulletin is going to give the attacker full access to your SQL database, so having your passwords stored somewhere else, will require the attacker to be more than a run-of-the-mill website defacer.
The video explains it, but it allows programs to 'drop' capabilities they no longer need.
For example, tcpdump needs root access to open the network interface, but after that it can give up those capabilities, so if there is a bug in tcpdump and it gets compromised by a maliciously crafted packet, the attacker does not have an excess privileges to exploit.
Slashdot Mirror
The problem is that the internet is not symmetrical. Eyeball ISPs will always have 100+:1 download vs upload ratios. So they can't ask for 1:1 peering ratios. I'd say the ISP benefits from the peering with netflix, they get happy customers, netflix doesn't soak their transit, and they get more control over where netflix enters their network. Peering + local caches can reduce the 'cost' of netflix to the ISP to just some switch ports.
The attacker in this case was only armed with a known exploit for vBulletin. I am guessing they didn't even know NetIQ was there. Using any external authentication system would be a benefit in the case of a vBulletin exploit, as vBulletin is going to give the attacker full access to your SQL database, so having your passwords stored somewhere else, will require the attacker to be more than a run-of-the-mill website defacer.
The video explains it, but it allows programs to 'drop' capabilities they no longer need. For example, tcpdump needs root access to open the network interface, but after that it can give up those capabilities, so if there is a bug in tcpdump and it gets compromised by a maliciously crafted packet, the attacker does not have an excess privileges to exploit.
Difference between number of requests vs size/volume of transfer
S3500 = 140TB for 240GB model
S3700 = 3650TB for 200GB model
The S3700 are good for '10 drive writes per day for 5 years' (3650 TB write on a 200 GB)
And the PlayStation4 is full of FreeBSD.