Slashdot Mirror


User: gmuslera

gmuslera's activity in the archive.

Stories
0
Comments
4,966
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 4,966

  1. Re:How does it stack up against... on Firewalls and Internet Security, 2nd Ed. · · Score: 4, Informative
    Or with Practical Unix and Internet Security, that in this month was released the 3rd edition.

    I know, this one could talk less about firewalls and windows and more about unix, but anyway, is good to see in what is better and in what not.

  2. Re:It'll never work... on Cornucopia of Spam · · Score: 1

    A small step for a city, a big jump for the world. Big changes sometimes starts by little things, after a state do this, countries could follow.

  3. Re:What is the best software techinical solution n on Cornucopia of Spam · · Score: 1

    POPFile. It have even an installer for windows, or you can use it in a more serious plataform. Is simply wonderful how good it works.

  4. Re:like wondershaper does for months now? on Better Bandwidth Utilization · · Score: 4, Informative

    Second revisions are always better. It prioritizes small packets (of less of 64 bytes), and I suppose that this include ACKs :)

  5. Re:like wondershaper does for months now? on Better Bandwidth Utilization · · Score: 4, Informative

    Wondershaper uses other approach, like having a scheduler and (de)prioritize certain ports and hosts . I think that right now it not specially prioritize TCP ack, and, well, that could improve the good job what do wondershaper right now if it works.

  6. How to better utilize bandwidth on Better Bandwidth Utilization · · Score: 4, Funny

    rule 1: don't put an article in slashdot pointing to your site

  7. Re:Not quite on Cornucopia of Spam · · Score: 1
    From your previous list
    • Bayesian filtering blacklisting: this are local measures, this affects you only, and the others that takes them
    • artificial bandwidth scarcity: at the best, it can take out your users from spammers users list, at the worst, they will not care (for the ones that use open relays, i.e.). Still, will be a local measure.
    • aggressive collection of fines: the $500 one? anyway, means legislation.
    • targeting of domains that are advertised: how? enforcing ISP policies about spam? and what if the ISP (from Verio to most in .cn) is spam friendly or doesn't care? That also could mean legislation.

    Having legislation and expanding them worldwide in some way is more like a cure than technical measures (is expressely prohibited, not that some hackers do this to limit my rights).

    You can have local technical measures, but this is not guarantee that the spammers don't find a way to bypass them (i.e. most of spam that reach me by now have modified words to bypass bayesian filters, like v*i*a*g*r*a, V1AGRA or embedded html comments, fortunatelly popfile also have workarounds for most of this). Having a good percent of domains that implement that measures will be bad for spammers, of course, but there still a long way to go before this is reached.

  8. Re:What's the point? on Cornucopia of Spam · · Score: 1, Funny
    I once managed to track a spammer to a town about 2 hours drive from where I live. If I had been able to collect $500 out of my efforts, it is something that I would do more often...

    A better thing would be having a 00Spammed number, a license to kill spammers. This also will make "economically" inviable to be an spammer.

  9. Re:Techinical solution on Cornucopia of Spam · · Score: 2, Insightful

    Following with the analogy of an infection... you can cure the symptoms or cure the disease as a whole. Doing things in your side simply minimizes how you feel about the problem of the spam ("it almost not happens to me"), but it will still rampart in the rest of internet, slowing things, making email an unreliable method of communication, and people will still be buying things from spammers. This only will make the problem grow much bigger and not matter what measures you had taken, you will be also as affected as the rest of the world.

  10. $500 a piece? on Cornucopia of Spam · · Score: 2, Funny

    Space tourism will have a boom after this gets approved... what else will all do with so much money?

  11. Re:Why not? on China Wants To Establish Moon Mining · · Score: 1
    If your are thinking of retrieving from the moon such as percent of the mass, well, think also in the timeframe, by this moment we well live in orbital stations or outside the solar system. And probably there will be no China here, nor USA, at this moment.

    More than this, if earth gains such mass, maybe we should think that could be a (minor) gravity change here.

    Anyway, if I have to choose that someone destroy moon "environment" or destroy earth environment with mining, I prefer that someone takes the trouble to mine the moon.

  12. Re:X Terminals on What High End Unix Features are Missing from Linux? · · Score: 1
    In KDE 3.1 you have even a menu option called start a new session.

    And if you are talking about remote X terminals, is just changing an option en xdm/kdm/gdm.conf and you have all the remote terminals you want (of course, if you have enough memory/cpu/etc to run all those apps).

  13. Re:A better Fix on ISS Discovers A Remote Hole In Sendmail · · Score: 1
    I meaned in the same way that CodeRed/Nimda bypassed firewalls, if you have one and feel safe, but receive connection to services, well, there will be problems.

    And about setting it in the DMZ, if the real mail server is there and is hacked that way, then still will be a big problem, DMZ or not, because there will be all the accounts, and if you want to hack a internal LAN with this, just fill the mailboxes with outlook exploits (bypassing measures you already implemented in the server) or just read/forward outside the mail and the damage will be done.

    For that I prefer a smtp proxy in the DMZ, that forwards mail to the real mail server. Oh, and in this scheme I use postfix anyway .)

  14. Re:Bypasses _some_ SMTP proxies on ISS Discovers A Remote Hole In Sendmail · · Score: 1

    I think RBL have no use if you use an smtp proxy, the connection to the core server always come from your proxy, and this one is not listed in RBL (at least, for the rbl support of sendmail/postfix) Of course, there are more antispam measures at server level that don't are just RBL checking, and RBL checking in the border server is ok

    Having a border server and a core server usually means that if a server have a vulnerability, the border server will catch it and the core one (where the accounts really are) will be safe, but in this case if the border server let the message pass, then the core server will also hacked.

  15. Re:Since no one else will say it... on ISS Discovers A Remote Hole In Sendmail · · Score: 1

    With Microsoft you could have trouble if you announce the vulnerability to the public before to Microsoft (as with most vendors). The "normal" MS vulnerability announce is when they finally do the fixes, so is within 0 hours of being announced .)

    That should be right now the trend on when announce problems, but last apache vulnerability, if I remember well, was announced before apache had a fix because it was not adviced the right people, if I remember well, but anyway, even with this, the fix was out a few hours later

  16. Re:ISS? on ISS Discovers A Remote Hole In Sendmail · · Score: 1

    If it was found by the International Space Station, maybe it should be a remote black hole.

  17. A better Fix on ISS Discovers A Remote Hole In Sendmail · · Score: 2, Offtopic
    Postfix.

    A remote root exploit for the maybe more used mail server in the planet, one that can bypass firewalls if connection with the smtp server is possible, or even with smtp proxies in the middle, is a nasty one. Specially when as it is so widely deployed, even with the months "needed" to make a worm of it, a big amount of vulnerable server will remain.

    At least it cold be used as an opportunity to fix mail servers which have administrators that don't care and are used as open relays.

  18. Re:CAPTCHA'a on ISP Operator Barry Shein Answers Spam Questions · · Score: 1
    Is a scheme like TMDA that have the problem that you are confirming that your email address exist, only that with captcha you are using graphics instead of text.

    But, can't a TMDA scheme be used even before checking that the recipient exist? This way you server will check that all messages are having someone behind, without necessary confirming that the address exist. Of course, with this way you'll have a server-based whitelist, instead of user-based, but at least it will not say what addresses are valid alone.

  19. Killing the messenger... on Pointless IT Innovations Considered Harmful · · Score: 1
    I don't think that innovations are bad per se, there are much more involved in this, inertia, marketing, managers, that if not explains alone why some innovations failed, joined could be a recipe for disaster.

    I think innovations are a good thing, but not necessary patented (or in some way with restricted use for only few players) innovations, things that in a way or other get tied to a product or company and sink with it, with no opportunity of rebuilding it in some more sucessful way by the same company or others.

    Also revolutionary innovations, those that change the way we see some technology, are the ones that have the potential of changing it all, or fail, because adoption will not be as fast as evolutionary innovations, the ones that are improvements over existing technologies (a simple example could be MCA vs EISA, one completely new, other an evolution of an existing standard).

  20. TarSlash on TarProxy Creates Tar Pit... For Spammers · · Score: 1, Redundant

    This new program makes a breakthrough in artificial intelligence technology.

    Giving the actual threat of "Slashdotting" (TM), the the high rate of internet use, and the geometrical increase of Slashdot hard disk usage, this kind of advance is a God-given gift.

    Essentially, it slow downs news sites posting duplicates articles, slowing down the comment rate, and the people that follow links or make a big hit in remote site performance have now little performance impact (the ones that still follow the link have in their cache most of the remote site content already).

    "Its wonderful" a webmaster says... "wish that more high traffic news sites use that technology. The risk that a site with a cool technology will stop answering requests has clearly decreased since the introduction of TarSlash"

    In related news, Slashdot administrators have found that news posting has increaed the compressed ratio in the archives. There are several theories that could explain that, maybe english is evolving and this last times fewer different words are used, increasing compress ratio, or articles language is being normalized, so postings are slowly being more similar each time.

  21. Re:War, Linux, and Microsoft (dark humor) on U.S. Army's Future Combat System Will Run Linux · · Score: 1
    If all computers there have the dancing talking paperclip running, chinese will kill themselves.

    Bah, another way to win a war with computers is making enemies program in Modula2.

  22. Re:Oh, great. on U.S. Army's Future Combat System Will Run Linux · · Score: 1
    If you are worried of the future of this, what about embedded linux in little things like the ones in Screamers movie/Second Variety PKDick's Tale?

    If you thing such things are very far in the future, they could be not so far of Matilda, used right now to search (not destroy... yet) Talibans in Afganistan.

  23. Re:Know thy enemy? on U.S. Army's Future Combat System Will Run Linux · · Score: 2, Insightful

    Linux is GPL, modifications that they do to specifically linux or other GPL app should be GPL also (at this only means that the source must be distributed like the binaries, no more, no less), but applications that run over all of this don't need to be.

  24. So the rumors are true... on U.S. Army's Future Combat System Will Run Linux · · Score: 4, Funny

    .. .the next "killer app" will be for Linux

  25. A first step on Minnesota Spam And Privacy Act Takes Effect · · Score: 2, Insightful
    There still will be spam, but some will be identifiable, at least the ones that have some respect for law or customers.

    As a side effect, the others that send spam could be easily clasified as foreign or without care about law and costumers, and maybe with this some people that efectively buy spamvertised products will not follow that kind of spammers