with the switch from shared to switched band Local Area Networks snooping is almost impossible anymore
That should read, snooping by "unauthorized people." Do you really want your non-network-admin types sniffing your network?
On Cisco equipment, monitoring all traffic types is only possible if you have enable privileges.
As it should be, although just because you're using a switch doesn't mean an unprivileged user can't see all traffic... See http://www.monkey.org/~dugsong/dsniff/
Bosses usually don't and if they do they wouldn't know how to set up the necessary listening apps (tcp, udp)
Since when do 'bosses' do it themselves anyway? They just have the people that know how do it...
Not to blow my cover but LAN admins usually can snoop quite well because of their access rights and know-how
Uh.. In my position, snooping is encouraged, as a troubleshooting and management tool, and also for... snooping.
We've fired two people from telecomm at my University for just such intrusions
What, because they were LAN admins and were snooping?
That's harsh...
Free publicity.
Anyone that doesn't believe that Linux scales, is mistaken. Anyone that professes the same is either ignorant of what's been going down for the past two years or is FUDing.
What are you talking about? You don't even know what you're talking about, and you had the gall to give yourself a starting score of 2.
Running on 2 processors does NOT equal "scalability." Scalability is a measure of how much MORE performance one gets out of a system for each processor one adds. So, perfect scalability would be, double the processors, double the performance (that never happens in real life, though). The question is, how much more performance can you get for each processor you add? The more you get, the more scalable you are. Just BOOTING on a bunch of processors isn't even a question...
Who has complaints about traditional monitors and laptop screens?
Me, for one. The monitor takes up a lot of space (well, the old ones do, that's why the 'new wave' is flat-screen, and portable, and so forth). I want that space. The monitor is bulky and the main thing tying your computer to your desk (the keyboard can be put on one's lap, the mouse is not always needed or can be in the keyboard, and the case with all the real stuff can be anywhere that cables reach). But the monitor always has to be close to you. And it's heavy and bulky. Thus, the need for a desk. You can put a computer on the floor, but not a monitor.
"eShades" would quickly become an annoyance, as your eyes tire from the constant, radical focus shifts needed to glance back and forth between the screen, a book, the keyboard, et cetera
Well, actually, I've been told by professional ergonomics people (snicker) that shifting your eyes to distant objects every so often reduces monitor-related eyestrain -- it's not good to stare at the same thing for a really long time.
Not to mention the fact that they'd make it impossible to enjoy a cup of coffee. Or a soda; you tilt your head back to get the last few drops of Dew, and the glasses either fall off or make you dizzy
Do you wear glasses? Have you seen other people who wear them? Are they able to drink Dew? Or do their glasses fall off? And as far as getting dizzy... close your eyes if it affects you! But I highly doubt it would.
On the "visual equivalent of a 19-inch desktop monitor", I expect a maximum resolution of no less than 1600x1200.
Here, I agree. 800x600 is HARDLY a 19 inch monitor. I'm running 1280x960 on this 19 inch monitor, and the text is nice and big.
then pretty much fade away into LinuxOne-esque obscurity.
The strange thing is, I saw an ad for LinuxOne in the latest Linux Journal... I wonder if it's the same company.
Now, I don't know how you would assess the skills of this particular administrator, but as for me, I would say that he is completely and totally ignorant and most likely stupid to boot. What kind of kneebiter actually puts a box like this in the wild? Ok, here's a little contrast. I'm running a counterstrike server on a generic install of Redhat 6.2. Here's the results of an nmap:
turmoil# nmap -sS -O 206.173.xxx.xxx
Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ )
Interesting ports on ahl (206.173.xxx.xxx):
(The 1522 ports scanned but not shown below are in state: closed)
Port State Service
22/tcp open ssh
TCP Sequence Prediction: Class=random positive increments
Difficulty=2103891 (Good luck!)
Remote operating system guess: Linux 2.1.122 - 2.2.14
Nmap run completed -- 1 IP address (1 host up) scanned in 22 seconds
That's it. Imagine that, a secure Linux box. What a novel concept.
Wow. You made a secure terminal. Congratulations. Now why not make a secure server?
turn off commonly used services
make sure your ports are closed
firewall ICMP?!
Secure your machine by making it unpingable. Yes, very clever.
It's free because the person doing it doesn't have to pay for it. Someone will have to pay for it, but as long as it's not us, who cares?! We all deserve free internet access, especially at the expense of Microsoft. It's perfect! <sarcasm off>
Whether or not he was going about it the right way, it looks like he has been plenty patient.
http://www.geocrawler.com/archives/3/35/2000/6/0/3875772/
This is from June, and the post indicates he posted the bugfix in December of 1999.
you are ultimately thrilled and desperate
sky high and fucked
let's stop praying for someone to save us and start saving ourselves
let's stop this and start over
let's go out.. let's get going
Oh, and, uh, 70000 is way on the low end. Depending on how you define application.
I mean, come on, he's quoting Old Man Murray and some "teenage photo shop whiz" to prove his points.
But seriously, it's hypocritical of them NOT to move them with all possible haste on to their own platforms. They are telling their customers to do just this, every day. If the move from "legacy" (non-Windows in the Microsoft lexicon) to Windows doesn't have huge benefits that easily justifies the porting effort, then their marketing is just a sham
Of course it's a sham! Microsoft's purpose is not to make quality software, or to make software they can use for their own business -- it's a company, whose purpose is to make money. It only makes good business sense to use the products that are cheapest and work best. People whine that Microsoft should use their own products because they think that Microsoft not using them is some sort of vindication, that proves that Windows isn't the greatest software ever made, etc. Sorry, but there are purer objectives at hand -- screw software quality, as long as people are still paying for it.
naming themselves after a superstitious tradition for warding off impending doom...
No.. they're naming themselves after their only worthwhile product.
Yeah.. it's not as if Akamai is going to give you whatever site you want if you type the url in there. Sites pay Akamai money to distribute their content around the internet, hopefully as close as possible to an end user.
Uhm... wow, talk about rabid ignorance.
If you install MSSQL7, the default password for the sa account is blank.
If you don't change it, it's still blank.
In an install of linux, the default root password is blank. If you don't change it, it's still blank.
The only difference is that you are usually asked to change it during the linux install...
But if you can't think to change default passwords after installing SQL server, you shouldn't be using it anyway.
Let's look at the absolute *worst* case situation (from our point of view). Say Sun and HP contribute a significant amount of top-notch programmers towards the Gnome project and as a result, they overtake us. Perhaps for the first time, Gnome is better designed, easier to program for, easier to use, and more stable than KDE
Wow, it'll take the combined effort of all of Sun and HP to make Gnome as good as KDE! It must be vaporware now!
(Personally, I couldn't care less -- I use windowmaker or a console.)
I think a big part of the issue is that the part of town you live in has an older infrastructure, which means heavier copper, fewer loading coils, etc... The ISP issue may also have something to do with
Er... I would think you wouldn't want any load coils at all on your DSL pair. Right?
VPNs are supposed to be encrypted. So just change the port numbers and they shouldn't be able to distinguish it from other encrypted transmissions. (Try the https port).. this provision sounds unenforceable.. so does it really matter?
It's not unenforceable, it depends on what and how you're using your VPN for. If it's just a secure hookup between computers you control on both ends, then sure, you can just play with port numbers all you want.
If, on the other hand, you are connecting your home computer to your work via their corporate VPN, you won't have nearly as much control. It's very easy to block IP/GRE or ISAKMP.
Or are you going to sit and admire it, and then go out and get a real watch, a gold watch that actually conveys status and meaning to the rest of society?
Well, I thought a watch was for you to know what time it was. Apparently I was mistaken. So, given that I have now been educated that the purpose of a watch is to convey status and meaning to the rest of society, the point of this watch is even clearer. It's just as much a status symbol as a cell phone, PDA, laptop, etc. "My watch runs Linux, what does yours run?"
Now, if we for some reason want to think of a watch as a functional device, as opposed to a status symbol, the advantages of putting linux on a watch are obvious. The code that runs watches previous to this was designed to...run a watch. Whereas linux running on a watch is a general-purpose OS adapted to run on a watch. Which means it can easily be extended to create all sorts of futuristic wrist-devices, i.e. phones, remote-controls, etc.
He says unix sucks because there's no shared, reusable code -- just a bunch of different standalone apps that you have to reinvent the wheel for every time. Now, obviously, he's talking about things like window managers and document editors and browsers, since one of the touted strengths of unix is the strength and versatility of its command-line tools. There's lots of reused code/tools as far as sed, awk, grep, perl, lex, yacc, etc. Every project out there doesn't have to reimplement those. However, there's not much reused code between something like, say, GNOME and KDE. Is it because people are scared of giving too much control to the people that "control" the base components? (I don't see how, seeing as how they would be free/GPL). So, basically, the stuff that HE has done for Unix sucks. And now he's going to fix it. Good, it's about time someone owned up to their own mistakes and decided to fix them.
Does this neatly counteract the argument that MS Office applications are necessary for complex, scripted integration (via Visual Basic)?
Uhm... where'd you get that argument? The only reason MS Office applications would be used for 'complex, scripted integration' is if one of their document types was needed. Maybe you should rephrase that to say, 'Does this neatly counteract the argument that the Visual Basic Runtime and Microsoft Transaction Server are necessary for complex, scripted integration (via Visual Basic)?'
More than likely trying to figure a way to make administrators' lives easier when they release it.
Release "it"? What's it? IPV6 in the wild? The specs have been out there for a long time, and people are already running it. It's not as if now, after a long and tiring process, Sprint and Worldcom are saying, "Here it is! ipv6!"
It is that last quote that really bothers me: they want to run in a lower "stealth mode." The very prospect of that scares me, from a net admin standpoint
Uhm.. the whole reason that they said (again, all I have to go on is what I read in the article) they wanted to run in "stealth mode" is because people were noticing, getting paged, getting pissed off. So they expressed a desire to perform their operations with a bit more finesse, so as not to cause people to think their networks were being attacked. So, basically, they're trying to refine their techniques so they don't look like attacks. I guess the only question is, are they attacks or not? Cause if they're not, what does it matter?
Quoting the poster of the story (that would be CmdrTaco)...
I'm sick of having to run Diablo2 on my crappy old laptop w/o 3D Acceleration since it's my only windows box
Remember yesterday (I think), everyone said: "What do you mean you won't take reviews of online movies if you can't view them under linux? What do you mean you have 'no way to view them'? How do you play Diablo2?"
Maybe he was listening.. His "only" Windows machine is a "crappy old laptop w/o 3d acceleration" that he uses for diablo2. Guess he told everyone.
Garpenlov
--Not ashamed of any OS he runs
I'm not rich. So sue me. Some of us can't always throw more fucking bandwidth and hardware at the problem. Especially those of us who make minimum wage
But businesses can. Maybe they can't pay more than minimum wage cause they spent all their money on hardware and software licensing...
because none of the goddamn computer companies want to hire us because we don't have "degrees" or "credentials" or any of that bullshit
It doesn't take "degrees" OR "credentials" to at least make more than minimum wage, if you have any sort of technical intelligence at all. You may not have your dream job, but you can definitely make above minimum wage...
Besides, our high school has a several thousand dollar tech budget and a T1 line and the shit still crashes every time you turn it on. That's no exaggeration, that's the literal truth
Uhm.. "several thousand dollars" doesn't go very far when it's spread out across an entire school. Does that cost include the T1 line? If so, you have even less money to spend.
"Why can't I be a network administrator making 6 figures? I mean, I know I'm still in high school and have never had a job before, but just wait 'til you see the job I'll do! I'll take all those servers and reload linux on them, and they'll run so much faster you won't even need half of them! Then I'll take them home and make a beowulf cluster out of them to crack DVDs and encode MP3s."
"Security!"
[ok, so maybe i overstereotyped at the end a little bit]
It's not GPL? You can only redistribute patches? It doesn't support MAILUSER? I use it anyway?