I definitely agree on the SSH attempts. I don't mind my server being accessible from anywhere because my passwords are insane and I keep the OSSH services as up to date as possible (I'm updating within a couple hours of each new release). I'm very concerned about our Cisco infrastructure though. The current implementation is open to anyone from anywhere. I'm going to be pressing the issue as soon as our next meeting comes up. The syslog output is indeed very scary.
Back to the spam topic. Before our mail services (ISP) were outsourced I was blocking approximately 150k pieces of spam per day on average; we only had about 3000 users at this site. We peaked at just over 430k pieces of spam in one day at this same site but usually it was less. I wrote a script that parsed the logs and generated stats on both the last hop before our MTA farm and the source MTA/MUA (this part was a guess). Somewhere in the neighborhood of 50-75% (it really did vary that much) of the final relayed spamed we rejected came from within ARIN. The original source stats varied from around 60% to 85%. Every so often there were enormous spikes from other registries but the source of origin was mainly in the US. The source part of my script wasn't the most accurate. You can't trust any of the headers in any message you receive unless your own boxes wrote those headers specifically. Everything else is suspect.
I filter using an extensive local block list. For instance aside from minor white listings no RIPE, KRNIC, APNIC, LATNIC ip space can email my users. Much of APNIC is in the firewall, so they can't even browse our sites.
So what you're telling me is that that you've elected to block all the registries that do the least amount of good? The vast majority of spam comes from within the US (ARIN) and is directed to English-speaking American consumers. As an avid (sometimes rabid) anti-spammer myself I'd rather implement an effective filtering solution than waste my time blacklisting those that spam the least, according to every single spam source study done in the last 8 years or so. BTW, you forgot AfriNIC (41/8).
I also agree. The CAN-SPAM Act is a joke. 50 court cases? Ha! We could have had 50,000 cases in the courts in the 2 years since the CAN-SPAM Act stripped away the individual's right to seek private action. A success my ass.
It's really quite simple. She didn't make the charges. She's not responsible for them. There's no arguement that says otherwise. Lets say you steal my car, hit a couple of mail boxes, whack a Mercedes or two, and rob half a dozen gas stations with my car. Am I liable. Hell no I'm not liable. I didn't commit the crime. Someone stole my property. She's not responsible. This has been argued many times and quite frankly it's getting old. This isn't news.
You haven't described your network topology much. 400 PCs and 7 servers. I can make a lot of assumptions here such as you're on an entirely flat network. You're network is composed of a variety of equipment from multiple vendors and most of it is not manageable. Would either or both of these statements be correct?
In the short-term you need to break out a sniffer. A few people suggested this. What most of the people are suggesting are service/service monitor tools. These really won't help your problem. I use many of these myself including Nagios. In fact I'm getting another page from Nagios right now. I use it heavily at multiple customers' sites. These types of tools will help you find out when a particular service on a given server goes down but they're not going to help much in troubleshooting this problem.
What does your network troubleshooting skillset look like? Are you familiar with sniffers (network protocol analyzers)? Can you handle Linux? 95% of the free tools that you'll get recommendations on are going to need a Linux, Solaris, AIX, etc install to run on. Some of these tools have Windows ports; some can run in Cygwin. The most basic tool I'm going to recommend is tcpdump. Ince you've mastered tcpdump then you can make the switch to CLI snort. Ntop is also a very handy utility in that it gives you more historical data than most other tools. You need to position your sniffer in a place on the network where it can see the most traffic. If you're switches aren't management then you can't doing any port mirroring (spanning, monitoring, etc. whatever terminology your vendor uses). Placing a hub at a critical point will severely hurt your network throughput and may mask the problem. Network taps aren't too expensive. This would likely be your best bet.
Really you haven't given enough information for us to give you a solid recommendation. What does your physical network topology look like? What does you IP network topology look like? What brand(s) and model(s) of switches (or hubs) do you have? Are you currently graphing network I/O on your critical network or server links? Give us some more information and we can give you better suggestions. I'm really reserving any suggestions until I know more about your network. Chime in and I'll try to help.
I couldn't agree more. They scammed my parents back in the late 90s after cable TV came to town and my folks switched to that. About a year after terminating DTV service the started getting duns from DTV for over $300 for some ultra-fancy sports channel package that they didn't order. My mother would never fall for such a trick via phone or snail mail and my father defers everything like that to my mother so I'm sure they didn't actually sign up for it that way. They also couldn't have ordered it via the satellite because it was a one-way system that required a phone line to order anything. I conviently never ran the drop for the voice line. DTV wouldn't listen. Originally they claimed that the order was placed about 6 months after my parents returned all the DTV hardware to the local dealer. When they pointed this out to DTV they change the order date to a time when my parents still had DTV service. Nice, eh? It was turned over to a collection agency shortly thereafter. They never have made a mark on my parent's credit rating. If they ever do then I can nail them with the FCRA. Until that time they just screen their calls and ignore mail from collection agencies. I agree that DTV more closely resembles a criminal organization that a legitimate business.
Yes, I mean to emphasize "ME" because I'm one of the millions of domain owners that uses fake information to keep from being spammed to death (electronically or physically) on either my role email account or mailing address. Yes, I'm well briefed in the ways of various registrars privacy options. I even utilize GoDaddy's on a couple of my domains. Why would I want to pay another $10/yr for privacy options? It's just not worth it. I'd rather let people contact me through my websites where I can prevent the use of spiders than freely hand out my details via WHOIS.
I'm not sure if you're replying to someone else's post or if you read something into what I wrote that I'm not seeing. I'm not a back-patting kind of guy and I never consider myself the smartest person in the room. In fact I feel more than a little inferior when I attend our monthly all-eggheads meetings at work. As for this being a whole lot of text about me, well, yes it is which I don't find at all surprising considering I discovered something new about myself in a forum of similar people. That doesn't strike me as odd.
Wow. I always thought I was the only one that over-analyzed everything around me. I knew the word introvert before this article but I never really realized that the word described me. In my opinion the way I think bothers some of the people around me. Others I believe find it useful. Whenever someone mentions a new project for the first time within a minute I've gone over the whole thing in my head, thought of this, thought of that, found flaws in the project, fixed the flaws, planned new expansions on the project, analyzed their flaws, etc etc. Often people have to remind me that we're simply not to that point yet. Well, that's may be true.. for them. I've already planned up to that point and beyond. I've built a complete project plan in my head and I want to iron out all the wrinkles before I start the implementation phase. Sometimes it's very unnerving. Like I said, I believe some people find my thought process useful. They'll bring a problem to me and in a short while I've gone through all the various options, stumbled on all the caveats, found all the gotchas, and fixed all the problems. I'm a great person to brainstorm with. Even if I'm not an expert at the topic we're brainstorming over I can think of the questions that prompt the other person to think of the right answer with simple logic, deductive reasoning, and my introverted mind.
Well, I'm glad to know that I'm not alone. I just wish I knew how to fully harness my method of thinking. I would think that I could get a lot more done if I knew how to use what I've got.
I think you meant to say that the Kansas Board of Education experienced a timeshift to 1213 AD rather than implying that all Kansans are holier-than-thou can't-stand-to-be-out-of-the-spotlight Bible-thumping bigots. Not all of us Kansans are wired the same.
On a side note it was announced yesterday that 4 of the 6 BoE members that voted for Creationism^H^H^H^H^H^H^H^H^H^H^HIntelligent Design now have competition for their seats in the next election. I'm hoping for a Dover repeat.
Microsoft hasn't released an updated for IE on OS X since 6/16/2003. They only released that small upgrade from 5.2.1 because of an asinine amount of bugs in 5.2.1, including one that I found and reported. They made a big todo over 5.2.1 being their last Mac release. 2.5 years is more than long enough to consider that IE is no longer available as a Mac product. You can still pick up a Redhat release that supports Sparc (5.x). Does that mean that RH supports Sparcs? No, it doesn't.
There's no reason why the land under land-based wind farms can't be simultaneously used for something else. I've been talking about doing this for about 10 years now. I want to buy the 27,000 acre ranch north of my parent's ranch and put a windfarm on it. I would then graze the pastures underneath the windmills with cattle or buffalo. There's no reason why this can't be done. I could easily pay off the land in 10-15 years or so with a well-managed herd of 750-1000 head of buffalo. Imagine how using one investment to fund the other until both were supporting themselves. Wouldn't that be nice.
Given the size of these things and the slow speed at which they can be moved (including pulled) there's little chance of these things being stolen and towed off to Giligan's Island without someone noticing. As soon as a that part of the grid input went down the CO would know and could dispatch a tech. The barge could only move so fast so determining a search area would be triviall. Really I don't think it's a problem. They can always be outfitted with homing beacons that report their current location every couple of hours. That would suffice. I would find it more likely that these would be easy targets of attack by even the lowest tech of assailants.
It's funny you should mention this because I read an article about this no less than 3 minutes ago. Italian Prime Minister Silvio Berlusconi actually tried to dissuade President Bush from going to war and actively tried to keep it from happening through diplomatic channels in the Middle East. Italy never sent troops to Iraq to fight in the war. In fact they did not send troops to Iraq at all until after the UN mandated support for the reconstruction effort.
I'm from Kansas. I'm not allowed to believe in this new-fangled evolution mumbo jumbo. I'm supposed to believe that an intelligent designer planned all this out. However no one is allowed to tell me who this intelligent designer might be. Hmmmm......
That's weird. I still have both letters. I kept the original docs in the boxes that my original Speedstreams came in. I'll dig them out and find someone to scan them.
I never use long-distance on my landline, ever. I've had DSL for just over a year now and my bill has never been the same twice. Honestly it wouldn't surprise me in the least to find out that they're making "mistakes" on a broader level and never correct those mistakes unless caught with their hand in the cookie jar, and only then by that one customer. That would not surprise me in the least. Credit card companies have done this for years.
Both times I moved they states that it was their policy. The auto-generated form letters that were mailed to me stating that my DSL contracts had been terminated also stated that this was SBC policy. The form letters were identical when I moved in 2000 and again when I moved in 2003. FYI.
Slashdot Mirror
Back to the spam topic. Before our mail services (ISP) were outsourced I was blocking approximately 150k pieces of spam per day on average; we only had about 3000 users at this site. We peaked at just over 430k pieces of spam in one day at this same site but usually it was less. I wrote a script that parsed the logs and generated stats on both the last hop before our MTA farm and the source MTA/MUA (this part was a guess). Somewhere in the neighborhood of 50-75% (it really did vary that much) of the final relayed spamed we rejected came from within ARIN. The original source stats varied from around 60% to 85%. Every so often there were enormous spikes from other registries but the source of origin was mainly in the US. The source part of my script wasn't the most accurate. You can't trust any of the headers in any message you receive unless your own boxes wrote those headers specifically. Everything else is suspect.
So what you're telling me is that that you've elected to block all the registries that do the least amount of good? The vast majority of spam comes from within the US (ARIN) and is directed to English-speaking American consumers. As an avid (sometimes rabid) anti-spammer myself I'd rather implement an effective filtering solution than waste my time blacklisting those that spam the least, according to every single spam source study done in the last 8 years or so. BTW, you forgot AfriNIC (41/8).
I also agree. The CAN-SPAM Act is a joke. 50 court cases? Ha! We could have had 50,000 cases in the courts in the 2 years since the CAN-SPAM Act stripped away the individual's right to seek private action. A success my ass.
It's really quite simple. She didn't make the charges. She's not responsible for them. There's no arguement that says otherwise. Lets say you steal my car, hit a couple of mail boxes, whack a Mercedes or two, and rob half a dozen gas stations with my car. Am I liable. Hell no I'm not liable. I didn't commit the crime. Someone stole my property. She's not responsible. This has been argued many times and quite frankly it's getting old. This isn't news.
In the short-term you need to break out a sniffer. A few people suggested this. What most of the people are suggesting are service/service monitor tools. These really won't help your problem. I use many of these myself including Nagios. In fact I'm getting another page from Nagios right now. I use it heavily at multiple customers' sites. These types of tools will help you find out when a particular service on a given server goes down but they're not going to help much in troubleshooting this problem.
What does your network troubleshooting skillset look like? Are you familiar with sniffers (network protocol analyzers)? Can you handle Linux? 95% of the free tools that you'll get recommendations on are going to need a Linux, Solaris, AIX, etc install to run on. Some of these tools have Windows ports; some can run in Cygwin. The most basic tool I'm going to recommend is tcpdump. Ince you've mastered tcpdump then you can make the switch to CLI snort. Ntop is also a very handy utility in that it gives you more historical data than most other tools. You need to position your sniffer in a place on the network where it can see the most traffic. If you're switches aren't management then you can't doing any port mirroring (spanning, monitoring, etc. whatever terminology your vendor uses). Placing a hub at a critical point will severely hurt your network throughput and may mask the problem. Network taps aren't too expensive. This would likely be your best bet.
Really you haven't given enough information for us to give you a solid recommendation. What does your physical network topology look like? What does you IP network topology look like? What brand(s) and model(s) of switches (or hubs) do you have? Are you currently graphing network I/O on your critical network or server links? Give us some more information and we can give you better suggestions. I'm really reserving any suggestions until I know more about your network. Chime in and I'll try to help.
I couldn't agree more. They scammed my parents back in the late 90s after cable TV came to town and my folks switched to that. About a year after terminating DTV service the started getting duns from DTV for over $300 for some ultra-fancy sports channel package that they didn't order. My mother would never fall for such a trick via phone or snail mail and my father defers everything like that to my mother so I'm sure they didn't actually sign up for it that way. They also couldn't have ordered it via the satellite because it was a one-way system that required a phone line to order anything. I conviently never ran the drop for the voice line. DTV wouldn't listen. Originally they claimed that the order was placed about 6 months after my parents returned all the DTV hardware to the local dealer. When they pointed this out to DTV they change the order date to a time when my parents still had DTV service. Nice, eh? It was turned over to a collection agency shortly thereafter. They never have made a mark on my parent's credit rating. If they ever do then I can nail them with the FCRA. Until that time they just screen their calls and ignore mail from collection agencies. I agree that DTV more closely resembles a criminal organization that a legitimate business.
1) Simply bind the hands and feet of the politician in question.
2) Chain a few cement blocks to the person's legs.
3) Toss the politician into the Potomac River.
4) Wait 5 minutes. If they float, they're bad news. If they sink, they're bad news. Either way, proceed to step 5.
5) Profit!
This method has been serving Sicily's finest for years
Yes, I mean to emphasize "ME" because I'm one of the millions of domain owners that uses fake information to keep from being spammed to death (electronically or physically) on either my role email account or mailing address. Yes, I'm well briefed in the ways of various registrars privacy options. I even utilize GoDaddy's on a couple of my domains. Why would I want to pay another $10/yr for privacy options? It's just not worth it. I'd rather let people contact me through my websites where I can prevent the use of spiders than freely hand out my details via WHOIS.
I'm not sure if you're replying to someone else's post or if you read something into what I wrote that I'm not seeing. I'm not a back-patting kind of guy and I never consider myself the smartest person in the room. In fact I feel more than a little inferior when I attend our monthly all-eggheads meetings at work. As for this being a whole lot of text about me, well, yes it is which I don't find at all surprising considering I discovered something new about myself in a forum of similar people. That doesn't strike me as odd.
Well, I'm glad to know that I'm not alone. I just wish I knew how to fully harness my method of thinking. I would think that I could get a lot more done if I knew how to use what I've got.
Maybe you didn't get the memo: Evangelical Scientists Refute Gravity With New 'Intelligent Falling' Theory
Tell me again what civilized nation you live in?
You're right. They have rights under the Geneva Convention. Oh wait, we've been denying them those rights. Silly me.
In the US the chiefs would make their case to the elected official above them (mayor or governor) and they would do the lobbying.
On a side note it was announced yesterday that 4 of the 6 BoE members that voted for Creationism^H^H^H^H^H^H^H^H^H^H^HIntelligent Design now have competition for their seats in the next election. I'm hoping for a Dover repeat.
Microsoft hasn't released an updated for IE on OS X since 6/16/2003. They only released that small upgrade from 5.2.1 because of an asinine amount of bugs in 5.2.1, including one that I found and reported. They made a big todo over 5.2.1 being their last Mac release. 2.5 years is more than long enough to consider that IE is no longer available as a Mac product. You can still pick up a Redhat release that supports Sparc (5.x). Does that mean that RH supports Sparcs? No, it doesn't.
You just can't beat VMWare for speed and features. The memory management alone is worth it IMHO. I love VMWare.
Can you imagine what the world would be like today if every inventive mind rationalized new concepts the way you just did?
There's no reason why the land under land-based wind farms can't be simultaneously used for something else. I've been talking about doing this for about 10 years now. I want to buy the 27,000 acre ranch north of my parent's ranch and put a windfarm on it. I would then graze the pastures underneath the windmills with cattle or buffalo. There's no reason why this can't be done. I could easily pay off the land in 10-15 years or so with a well-managed herd of 750-1000 head of buffalo. Imagine how using one investment to fund the other until both were supporting themselves. Wouldn't that be nice.
Given the size of these things and the slow speed at which they can be moved (including pulled) there's little chance of these things being stolen and towed off to Giligan's Island without someone noticing. As soon as a that part of the grid input went down the CO would know and could dispatch a tech. The barge could only move so fast so determining a search area would be triviall. Really I don't think it's a problem. They can always be outfitted with homing beacons that report their current location every couple of hours. That would suffice. I would find it more likely that these would be easy targets of attack by even the lowest tech of assailants.
It's funny you should mention this because I read an article about this no less than 3 minutes ago. Italian Prime Minister Silvio Berlusconi actually tried to dissuade President Bush from going to war and actively tried to keep it from happening through diplomatic channels in the Middle East. Italy never sent troops to Iraq to fight in the war. In fact they did not send troops to Iraq at all until after the UN mandated support for the reconstruction effort.
I'm from Kansas. I'm not allowed to believe in this new-fangled evolution mumbo jumbo. I'm supposed to believe that an intelligent designer planned all this out. However no one is allowed to tell me who this intelligent designer might be. Hmmmm......
Kansas. These were both in-state moves to areas that did not have SBC DSL service and one area that didn't have any SBC service of any kind.
That's weird. I still have both letters. I kept the original docs in the boxes that my original Speedstreams came in. I'll dig them out and find someone to scan them.
I never use long-distance on my landline, ever. I've had DSL for just over a year now and my bill has never been the same twice. Honestly it wouldn't surprise me in the least to find out that they're making "mistakes" on a broader level and never correct those mistakes unless caught with their hand in the cookie jar, and only then by that one customer. That would not surprise me in the least. Credit card companies have done this for years.
Both times I moved they states that it was their policy. The auto-generated form letters that were mailed to me stating that my DSL contracts had been terminated also stated that this was SBC policy. The form letters were identical when I moved in 2000 and again when I moved in 2003. FYI.