My guess is that User Friendly's readership comes primarily from wanna-bes
Yep, that sounds about right (I agree with this from first-hand observations).
PS: If bandwidth is so cheap how come DSL companies are going out of business
DSL companies are going out of business because... bandwidth is so cheap. And it's their own fault.
and AOL owns Time Warner? This would tend to imply that low bandwidth connections are still the order of the day.
Why? Are you saying AOL=dialup, and Time-Warner=cable? There's a LOT more to both of those companies than either of those two things...
What happened to most current protocols developed recently? Exchange is one that comes to mind...
I'm not sure what protocol you're referring to when you say Exchange. Are you talking about, perchance, Microsoft Exchange Server? The one that uses X.400 for site-to-site communication? The X.400 that uses ASN.1 encoding?
If you put up a machine to get hacked (a honeypot), aren't you partially responsible for any attacks to other machines that blackhats launch from that machine?
This is explained in the main paper:
http://project.honeynet.org/papers/honeynet/
To sum it up: they don't let spoofed packets out of their network, and limit a machine to 5 outbound connections (over some time period, I suppose, although it doesn't really say), after which the system is marked as compromised and can then be reloaded, or whatever...
Gee, one thinks they should have encoded the web site domain in the certificate so browsers could immediately reject a Microsoft certificate not from microsoft.com
It's a code-signing certificate. Not a certificate for a web site.
Even then, people have thought of this problem. That's why you revoke certificates. The only problem is that Microsoft doesn't check for revoked certificates. This has been brought up before, with no action on Microsoft's part... until now, when it's too late.
Wow, talk about free advertising..
The "server" command switches the name server, looking up the IP address for the new server using the current nameserver. So if your current nameserver is set to dns7.cp.msft.net, then of course it's going to time out with the command "server dns6.cp.msft.net."
Oops, that was silly of me. I never realized I'd switched to a broken nameserver, and was then trying to use it...
But, the reason I searched for microsoft.com the first time was I wanted the SOA for microsoft.com, the domain. Then, once I found the authoritative nameserver for microsoft.com, I wanted the A record for www.microsoft.com, as it is certainly the most used hostname... I didn't want to check microsoft.com. Still scarred from the days when dejanews.com and www.dejanews.com weren't the same place.
> set type=soa
> microsoft.com
Server: localhost
Address: 127.0.0.1
Non-authoritative answer:
microsoft.com
primary name server = dns.cp.msft.net
responsible mail addr = msnhst.microsoft.com
serial = 2001012306
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 7200000 (83 days 8 hours)
default TTL = 7200 (2 hours)
microsoft.com nameserver = DNS7.cp.msft.net
microsoft.com nameserver = DNS6.cp.msft.net
microsoft.com nameserver = DNS4.cp.msft.net
microsoft.com nameserver = DNS5.cp.msft.net
DNS7.cp.msft.net internet address = 207.46.138.21
DNS6.cp.msft.net internet address = 207.46.138.20
DNS4.cp.msft.net internet address = 207.46.138.11
DNS5.cp.msft.net internet address = 207.46.138.12
> server dns7.cp.msft.net
Default Server: dns7.cp.msft.net
Address: 207.46.138.21
> set type=a
> www.microsoft.com
Server: dns7.cp.msft.net
Address: 207.46.138.21
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to dns7.cp.msft.net timed-out
> server dns6.cp.msft.net
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Can't find address for server dns6.cp.msft.net: Timed out
> server dns4.cp.msft.net
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Can't find address for server dns4.cp.msft.net: Timed out
> server dns5.cp.msft.net
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Can't find address for server dns5.cp.msft.net: Timed out
>
The sad thing is, the way DNS info is cached, is that it takes a fairly long outage for anyone to even notice.
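Anyway, the above says: dns4,5,6 and 7.cp.msft.net are responsible for giving out Microsoft's DNS information. And they all timed out.. strange. It seems too coincidental to not be an attack.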
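Added example (not part of the original comments): a small Python triage of the error lines in the nslookup session above, separating a server that was actually queried and gave no reply from servers that were never contacted because their names could not be resolved through the current server, which is the "server" command behaviour described in this thread. The function names and verdict labels are assumptions made for the example, and the transcript is an excerpt constructed from the quoted session.

```python
import re

# Excerpt constructed from the session quoted above: prompts and "***" error
# lines only; the repeated "DNS request timed out" chatter is omitted.
SESSION = """\
> server dns7.cp.msft.net
Default Server: dns7.cp.msft.net
Address: 207.46.138.21
> set type=a
> www.microsoft.com
*** Request to dns7.cp.msft.net timed-out
> server dns6.cp.msft.net
*** Can't find address for server dns6.cp.msft.net: Timed out
> server dns4.cp.msft.net
*** Can't find address for server dns4.cp.msft.net: Timed out
> server dns5.cp.msft.net
*** Can't find address for server dns5.cp.msft.net: Timed out
"""

SWITCHED = re.compile(r"^Default Server:\s*(\S+)")
QUERY_TIMEOUT = re.compile(r"^\*\*\* Request to (\S+) timed-out")
SWITCH_FAILED = re.compile(r"^\*\*\* Can't find address for server (\S+): (.+)$")


def triage(transcript, initial_server="localhost"):
    """Return (server, verdict, server_in_use) for every error line.

    "queried-no-reply": a query was sent to that server and timed out.
    "never-contacted":  the 'server NAME' switch failed while resolving NAME
                        through the server in use, so NAME itself was never
                        asked anything.
    """
    current = initial_server  # hypothetical default, as in "Server: localhost"
    findings = []
    for raw in transcript.splitlines():
        line = raw.strip()
        if m := SWITCHED.match(line):
            current = m.group(1)  # only a successful switch changes the server
        elif m := QUERY_TIMEOUT.match(line):
            findings.append((m.group(1), "queried-no-reply", current))
        elif m := SWITCH_FAILED.match(line):
            findings.append((m.group(1), "never-contacted", current))
    return findings


def servers_with(findings, verdict):
    """Sorted server names that received the given verdict."""
    return sorted({name for name, v, _ in findings if v == verdict})


if __name__ == "__main__":
    for name, verdict, via in triage(SESSION):
        print(f"{name:20} {verdict:18} (server in use: {via})")
```

Switching by IP address instead of by name avoids the lookup through the unresponsive server, so each authoritative server gets tested on its own.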
It says the backdoor exists in the open source version they released. Which is probably how it was discovered. So they put a backdoor account in there, forgot about it, decided to open-source their product, and .. oops.
Guess that'll teach companies a lesson about open-sourcing your products: go through and take out all your backdoors first!
There's a more detailed explanation of what this really means at http://www.interesting-people.org/200101/0015.html . (Stolen from the NANOG discussion today, the thread starts here: http://www.cctec.com/maillists/nanog/current/msg00681.html).
I subscribe to both NTBugtraq and MS security mailing list. ... Given this situation, I will probably add MS security mailing list to my spam filter
uhm... why not just unsubscribe?
Two words: Silly hats
Agreed. Hi, we're Bene Gesserit and you can identify us by our white heart-shaped cowboy hats!
Or.. Hi, we're Sardaukar, and we can be identified by our black pastry chef hats! (I'm not sure what they really were, actually).
Or.. Hi, I'm Feyd-Rautha, and you can identify me by this huge triangle I wear behind my head!
Poor little techs... with the puppy dog eyes... we wouldn't want them to do their job now would we?!
Keep in mind that with the amazing leap in the need for tech support people, they take people off the street and give them some basic training and let them loose. Kinda like fast food workers or migrant farm workers.. Except fast food workers don't think that knowing how to use a cash register makes them better than someone who doesn't.
Well, I'm sure everybody here appreciates you setting me straight
Well, saying that 'a dual PPro box with 1Gig of memory' couldn't handle the load of 100 users is misrepresenting Exchange. It sounds like that server WAS a place for the 25% VP population to store every document or funny little executable they found. Maybe you should look into setting up size limits on mailboxes, they work wonders. Or how about a policy on document retention? That way all those old incriminating memos can't be subpoenaed. Exchange's mailbox manager can delete old items automatically.
Don't get me wrong, I'm not in love with Exchange, but it does have some useful features, and since I'm stuck with it, I might as well learn how to use it...
having to set up and configure 'Profiles' for every bloody user on the server.
How is the server going to know about the users if they don't exist? Or does your existing setup just automatically create a mailbox whenever someone connects to your mail server?
Then there's the whole virus/worm thing!
Exchange is a system for transporting mail. Sendmail is just as adept at forwarding macro virus infected emails.
we used to run the Exchange server on a dual PPro box with 1Gig of memory. This couldn't handle the load (of approx 100 users)!!!
That's odd. We have 400 users on a dual PPro with 1/2 Gig of memory. No problems at all.
I'm more than confident a UNIX box running sendmail/pop/imap/webmail/etc. would be able to handle the load just fine, and then some.
Sure it would, but then you wouldn't have all of the features of Exchange... like.. uhm.. er.. well.. I never said I liked the product, just that you were a little off on some of your statements. (Ok, it does make collaboration easier, as it has integrated support for things that although possible on other systems are more of a hack).
that what made the Obfuscated C contest funny was its novelty
And what's so original about just cramming your code into unrecognizable encrypted garbage? Where's the style? Whatever happened to a program whose source code formed an ASCII graphic of what it would do, or something...
it seems that the series will be a visual masterpiece, nothing like the horrible David Lynch adaptation... The director of photography for the new series, Vittorio Storaro, is widely known as "the master of color" - and I think this is justified - so the film will probably be beyond eye candy
1. Not everyone thinks the David Lynch adaptation was horrible (of course, some people are so enamored of Dune that they'll watch/buy anything with the name... [raises hand])
2. "the master of color" -- so that means the Fremen now get blue glowing eyes like indiglo watches?! How colorful is the desert?
I was actually thinking of picking up the new Dune book today at the bookstore, but not for $28 dollars! (Not even for $20...). Instead, I got a DVD for $10. Maybe that's why I shop at Half-Price books a lot...
The first Dune prequel was entertaining, and irresistible because it was Dune, but a very, very light and quick read with little to no suspense. But I still liked it.
The way to make money off the 'net is not to sell hardware as a loss-leader
Maybe somebody should tell that to Sony...
Granted, the PS2 is not exactly strictly "making money off the net," but... it IS network enabled.
Because it points out that most of these bugs have been FIXED in Mozilla, but not in Netscape, because Netscape doesn't want their release schedule to slip...
It looks like, to me, that this geek press is a page of the type they're talking about. A page that links to the 'false' pages with the proper keywords. So, are they deliberately helping these people out, or is it just an ironic coincidence?
Free (as in speech) tripwire.
Free (as in beer) posters. (You just have to figure out how to get past their poorly coded form validation to order one...).
Actually, AT&T uses OpenStep 4.2 in their cellphone distribution centers, not linux
Ahh! I knew I wasn't hallucinating when I saw that strange icon the time I toured an AT&T call center's server room..
My 3 year old Panasonic CF-25 has a handle. ... They've both been knocked off my desk, out of the car (a Jeep, onto the concrete floor of the parking garage... don't ask :), used in the rain, etc, and both are still in near perfect condition
Cheater! If memory serves me, isn't the Panasonic CF-25 a ruggedized laptop? We used to push it off a table during training classes just to see the reaction of the trainees...
There was a movie or TV show with this sorta plot... cybersex was so real that some people never had the real thing, and never missed it... then they started to get paranoid about it, thinkin' about diseases (in a future where STDs had been wiped out) and such... anyone have any idea what this movie was
Well, there was something similar in Demolition Man, but that's probably not what you're thinking of..
You still have to buy a certificate from one of the big CAs or else people will get scary errors in their browsers... I don't suppose there are any free CAs out there that are already set up in IE by default? (I think I know the answer to that already).