Or maybe it's just that AOL has an appeal to those that don't want to touch computers unless they have to. People that are only using a computer because they're forced to modernize see AOL as insurance of a hassle-free experience, even for those that barely understand the concept of a mouse. Those that end up getting over the computer fearing hump move on.
"...but the phone/pda manufacturers are choosing to support the most common setup."
Okay, here's the plan. First, you start the crusade by not being able to sync with your mobile phone. Next, get others to do it. Once there's enough demand and your market is catered to, I'll look into it.
"I find it extremely interesting that the government in the past has brought an anti-trust suit against Microsoft for being a monopoly, however they themselves would help to propagate this by using their software."
Personally, I find it interesting that so many people view our system as a single entity like it's some form of a hive mind. It reminds me of being a child and viewing my mother as some sort of a god who has a huge plan which encompasses everything she does and says. Human civilizations aren't exactly ant colonies. There really isn't one conscious being called "The Government". There's bound to be a LOT of confusion in anything we try and do as one entity because Mother Nature didn't design us to work that way. That's why we have one group of people fighting to adopt open standards and another group not even thinking about it when all they want to do is make a web app and reach the largest percentage of the population with minimal amount of work and development time. Sure, it's easily recognized as short sighted to those of us that value interoperability, but it's not exactly like they woke up and decided to endorse crack. To the development team at the Copyright Office, choosing to test the one browser that has a 90% market share makes the most amount of sense from a ROI standpoint. It's not like "The Government" sat at a round table with Bush at the helm deciding that the US Copyright Office will support only Microsoft because Microsoft secretly controls all parts of the American government and are working towards an ultimate plot to make us eat Soylent Green and use more oil.
"Yeah. It's good competition. It will force us to be innovative. It will force us to justify the prices and value that we deliver. And that's only healthy. The only thing we have a problem with is when the government funds open-source work. Government funding should be for work that is available to everybody. Open source is not available to commercial companies. The way the license is written, if you use any open-source software, you have to make the rest of your software open source. If the government wants to put something in the public domain, it should. Linux is not in the public domain. Linux is a cancer that attaches itself in an intellectual property sense to everything it touches. That's the way that the license works."
Ballmer was simply comparing the effect the license has on software when you try to integrate OSS into a closed-source model. Ask Linksys what they think and I bet they'd agree. Ballmer was just stupid when he compared a characteristic of the competitor to a characteristic of a life-threatening disease. It was like saying, "Hey, Jon has a mustache like Hitler's!" The fact that cancer spreads is well known and easy to compare to. Unfortunately, it can be taken out of context by hyper-sensitive people that are emotionally attached to their "side". You suddenly have a couple hundred articles quoting one sentence of what you said, making you out to be an anti-competitive slanderer.
I'm in a small business that has gone from 40 full time employees to about 150 in the last two years. My boss, the Director of IT started just a few months before me. Prior to him, there was no centralized IT dept. What the parent poster said is 100% true, but I'd like to add some equally important advice.
You need to itemize your budget into categories such as "Software purchases and maintenance", "Hardware", "Supplies", "Communications", "Training", and so on. Your first time making the budget, this will be an extremely tough process. Rely on reviewing the past years' spending and think of those purchases that have not been made that should have (Think backup power, corporate antivirus solution, license audit, backup solution, workstation and server refreshes). This list can be quite long, depending on the company. Make sure you get buy off on this list by talking to all those involved and getting their approval in writing. As an example, make sure everyone is agreeing on the same software products so you don't get blindsided half way into the year by some $10,000 package that you weren't expecting another manager would require. You'll be held accountable for your department's spending compared to what was budgeted, so you absolutely MUST aim high on the estimated cost of everything, even more so on items that are tough to pinpoint the cost on. If there's something that has a fluctuating cost, look at a several year history to recognize growth and aim for the highest cost month at the current growth rate.
Make your proposal as simplified and easy to understand as possible. Leave out the techie stuff and tell him what he is going to get out of each item. For items that you know will be a tough sell, bring statistics and case studies of other, big name companies that use said item. When your boss sits down with you to review your proposal, you're going to have to fight for your budget. If he/she wants a more granular view into the proposal, give it to him. If he comments that certain items seem a little high, tell him that you put it a little high to give cushion and provide breathing room for unseen costs. During this process, fight for the things that are most important and give him victories on the smaller things. This way, you get the money for the things that matter most and if the boss comes to you later asking for something not so important, you can refer to the budget and ask what he wants bumped. If he backs out and drops his ad-hoc request, save that as ammo for the next budget review in case you need it. If your boss wants to give you an unreasonably low amount, you must set expectations and clarify the items that will have to be bumped from the review. If he's trying to give you your own budget, remind him that you're the one responsible for the budget and that responsibility cannot be given without also giving authority. Most people understand this line of reasoning and those that don't shouldn't be running a business and you're better off finding an employer that you can grow under. There are plenty of companies out there that would hire an experienced individual that puts a real effort into their job and stands behind what they bring to the company.
When the dust settles, there may be important items that got bumped due to the high costs in catching up to where your department should be at. Do NOT try and squeeze money out of other items to make room for those items that are being bumped early in the year. If crap hits the fan due to that item not being approved in the budget, it's not your fault and your boss made the decision on his own knowing the possible consequences as you explained them. On the other hand, if you get to Q3 and have a little extra money, you'll be in a much better position to purchase that item as a bonus and sleep comfortably knowing that you'll still make budget. Keep in mind though that you'll rarely find yourself getting more breathing room on your budget as the year progresses, so don't count on this happening.
"It's highly unlikely someone has both stolen your mobile phone AND phished your details."
One of the items that is phished is the phone number. From there, the individual can look up which provider that DID is on. Last step is to use the ESN from some junked, but working cell phone. Call in, give the name, number, and ESN to have the phone number switched over. It's really not all too difficult and most cellular providers don't authenticate the users.
You wouldn't believe how difficult it was to have our Sprint business account set up to require a verbal confirmation of the account pin for ANY changes or queries. Only the technology department has access to the pin. 20% of the time, customer service just OKs through the screen that pops up telling them to verify the pin. Each time this happens, I have to unleash a "squeaky wheel" fit. Heck, getting this set up on all our phone numbers required speaking with a manager's manager and explaining to them the security implications and possibility of lawsuits that could result from not verifying the customer before processing their request. I set this up to prevent any incidents with disgruntled employees, past or present and also to mitigate the risk that lost/stolen phones present.
Because nobody bothers wasting their time finding vulnerabilities for a browser with such a minuscule market share. Where's the fame and fortune in that?
"They don't have an adequate trust model for modern computing, being stuck in the single-user era."
Dude, they've had a model like this since Windows NT4 released. The problem which prevents its widespread use is a catch-22. Many programs are written by programmers that are stuck in a single-user era. The only way to force them to fix their software is for Microsoft to make Windows, by default, run users as normal users instead of local administrators. Due to the prevalent use of Windows in the business environment though, they can't do that without pissing off a LOT of companies that use these root/admin dependent programs. Any application that writes outside of the logged in user profile or home directory in a networked environment is a good example.
This makes sense. Correcting the sales rep in front of the customer won't look good for the company. It's not about selling things that can't be done, it's about presenting a unified image. Any of us that have worked with sales know that they'll sell something they "think" can be done to get their commission. It does bite them back though when they have to go back to the customer and explain that the sold feature isn't currently available. Eventually, they learn to consult the techies or they create a track record of plenty of one time sales with few repeat customers.
The ISP would probably just do 802.1q tagging for the voice traffic and the voice gateway device sitting at the customer premises also tags. Problem solved. :)
Dude, you're smoking crack and don't know what you're talking about. As another poster said, most people don't understand what is meant by VoIP and I believe you're one of them. In the business world, a VoIP deployment is meant to replace the traditional PBX, allowing for further capabilities and integration over existing network equipment. Instead of having your T568B wiring infrastructure sitting alongside older crummy wires (Typically Category 3) used for your voice, you dump the crap cable and run your voice over the network. You junk that Nortel system. Now your telephony is running over IP and you wouldn't believe all the useful crap you can do with that. Popups on the screen with customer info when there's an incoming call, TONS of reporting, integration galore.
The first thing the readers must understand is that calls within the organization are VoIP from end to end. Most people don't seem to understand just how much voice traffic in an organization is usually internal and never goes out to the PSTN (Public Service Telephone Network). That being said, anything that goes to your cell phone, home phone, or another autonomous system VoIP network goes over the PSTN. When you hop on Skype and call mom's house, Skype is handing off the call to their provider and it goes over PSTN from them to mom. If you hop on Skype and call me on my Cisco phone at work, you're going through Skype's VoIP network, exiting to the PSTN, crossing several switches as directed by SS7, entering our DS3 to our 2800 gateway. At that point, our gateway talks to our CCM (Cisco Call Manager) which says in MGCP signaling speak, "Dude, that number you dialed is Lucas' phone!" The gateway then sends the call to my phone, passing over our 6506 core layer switch, and through the 3560 Distribution layer switch. For anyone that's about to jump down my throat over a missing piece: We're not big enough yet to separate the access layer and distribution layer. We just happen to do a lot of calling to and from the PSTN, warranting the DS3.
For those calls that do go out PSTN, you toss in something like a DS1 or whatever bandwidth you need for your PSTN connection. For inbound calls from the PSTN, all your DIDs (Direct Inbound Dialing, aka "Your phone numbers") point to that DS1 which plugs into your gateway such as a Cisco 2800. The gateway takes those and talks to a call manager to decide where to direct the flow to. That could be a desk phone, Unity, IVR server, or so on.
The real benefit of VoIP or even a PBX with a compression module installed is when you have multiple sites. You toss in a point to point link and pay a flat rate for it per month. Let's say you're spending $20,000/month in telco costs to call between two locations over PSTN and there's four DS1s total, two at each site (For anyone confused by DS1 speak, just think T1). Toss in a single point to point link, a gateway at the remote site, and expand your VoIP infrastructure. You're now paying $800/mo. and have nearly 50% more room for voice calls due to the compression. The calls sound as good or better than when they were going over the PSTN.
One concern is E911 services and the FCC is pushing through laws that require IP phones to be able to dial 911 and have that call go to the office local to the caller with the correct address displayed. An easy and preferred solution is to dedicate a few plain old analog lines at each site and hook em up to the gateways. Configure each gateway to use those analog lines for 911 calls. Place test calls to 911 from each location using the proper procedures and you're good to go.
Now when it comes to voice quality, there's not much you can do about the PSTN side of things. There's several providers, but usually only your main telco has the real equipment and the others piggyback on top of their infrastructure. That means when your line is having issues, you call MCI who then calls Qwest. It's a bitch to deal with one telco, let alone two. From the Demarc which is the point where the telco denies
Of course it's one of those times. When I landed my last few jobs, I removed my jewelry (A few earrings and a 6ga tongue stud) for the interview process. They were back in my first day on the job and it wasn't a problem. During the interview process, I asked if it would be okay to have my body jewelry and named them off. The main reason for taking them out for an interview is that an interview is and should have some very formal processes. Not necessarily for the whole duration though.
"Apple also quickly snuffed out the possibility that computer makers other than itself might someday offer Mac OS X. But it did not say how it would prevent users from installing a pirated copy of the software on their computers from Dell Inc., Hewlett-Packard Co. or others."
There have been rumors now and then for a long time about them developing an x86 version of their OS, but they were always speculation about where Apple might be going in the future. I don't recall a single one stating that Apple would be announcing it within a few days. It has never grown to 1/10th of the chatter that it's at now. I'd be surprised if it wasn't true. Besides, what would be so shocking about the new line of CPUs being made by Intel? Intel knows how to make CPUs and they aren't limited to the x86 architecture. Remember that only one or two articles regarding this rumor have even mentioned x86.
Tech support for 2000 will have to be paid for, but security patches will be released at LEAST until 2010-06-30. Between mainstream support ending and extended support ending, the only missing things are:
1) Non-security hotfix support unless you buy an extended contract for this.
2) No-charge incident support
3) Warranty Claims
4) Design changes and feature requests
Here's a link to the dates on their site. Click on the link towards the top of that page for the FAQ where they explain what all this means.
They released security updates for NT4 well beyond when its extended support phase ended and I imagine they'll do the same for 2000. Even if they don't, I'm of the opinion that this is a very agreeable support lifecycle.
"If that doesn't work we sometimes have them use port 80, and warn them not to surf the web while sending out email because it can potentially cause errors."
This reminds me of a support call I had for NT4 Server. The client was using some D-Link NAT-enabled router at one of two sites to be connected by RRAS, using PPTP. Their router was running the latest firmware and still having issues with PPTP passthrough. Using a utility called PPTP Ping and taking a network capture at both servers, I could clearly see that the GRE protocol wasn't getting through. When I conferenced in D-Link support, their tech, tech's supervisor, and manager all were insisting that we need to "Forward port 47." They were being total jerks, saying I don't know what I'm talking about when I told them that forwarding TCP or UDP port 47 does nothing. I was trying to explain to them that what is meant is the GRE protocol, protocol number 47 as defined by IANA. GRE protocol 47 doesn't use ports, especially not port 47 for the TCP or UDP protocols. When I sent them RFC 2637, they basically said "Well, our people know what they're doing and you have to forward port 47." It was at this point that I asked if they want me to forward TCP or UDP and just did it to get them to escalate.
It's amazing how the basic understanding of the TCP/IP protocol suite can be so screwed up in well established companies.
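The distinction drawn in the comment above, between IP protocol 47 (GRE) and TCP or UDP port 47, as an added example that is not part of the original comment: the Python below classifies constructed IPv4 packets by the header's protocol field and reports whether a capture holds both halves of a PPTP session (TCP port 1723 control plus enhanced GRE data, per RFC 2637). The function names, addresses and sample packets are assumptions made for illustration.

```python
import ipaddress
import struct

IPPROTO_TCP, IPPROTO_UDP, IPPROTO_GRE = 6, 17, 47   # IANA IP protocol numbers
PPTP_CONTROL_PORT = 1723                             # PPTP control channel (TCP)
PPTP_GRE_PROTOCOL_TYPE = 0x880B                      # enhanced GRE carrying PPP


def ipv4(proto, payload, src="192.0.2.10", dst="198.51.100.20"):
    """Build a minimal IPv4 packet (constructed sample, checksum left at 0)."""
    header = struct.pack(
        "!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
        ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return header + payload


def tcp(dport, sport=40000):
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 8192, 0, 0)


def udp(dport, sport=40000):
    return struct.pack("!HHHH", sport, dport, 8, 0)


def pptp_gre(call_id, seq, ppp=b"\xff\x03\xc0\x21"):
    # Byte 0: K and S bits set (0x30). Byte 1: version 1. The key field is
    # split into payload length and call ID; there are no port fields at all.
    return struct.pack("!BBHHHI", 0x30, 0x01, PPTP_GRE_PROTOCOL_TYPE,
                       len(ppp), call_id, seq) + ppp


def classify(packet):
    """Label a raw IPv4 packet by transport: 'tcp/<dport>', 'gre/pptp', ..."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "not-ipv4"
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        return "malformed"
    proto, body = packet[9], packet[ihl:]
    if proto in (IPPROTO_TCP, IPPROTO_UDP):
        if len(body) < 4:
            return "malformed"
        _sport, dport = struct.unpack("!HH", body[:4])
        return f"{'tcp' if proto == IPPROTO_TCP else 'udp'}/{dport}"
    if proto == IPPROTO_GRE:
        if len(body) < 4:
            return "gre/truncated"
        flags, ver_byte, ptype = struct.unpack("!BBH", body[:4])
        is_pptp = (ver_byte & 0x07) == 1 and ptype == PPTP_GRE_PROTOCOL_TYPE
        return "gre/pptp" if is_pptp and flags & 0x20 and len(body) >= 8 else "gre/other"
    return f"ip-proto/{proto}"


def diagnose(packets):
    """Say which half of a PPTP session is visible in a capture."""
    kinds = {classify(p) for p in packets}
    control = f"tcp/{PPTP_CONTROL_PORT}" in kinds
    tunnel = "gre/pptp" in kinds
    if control and tunnel:
        return "ok"
    if control:
        # Control channel arrives but the data channel does not: forwarding
        # TCP or UDP port 47 cannot help, because GRE is matched on the IP
        # protocol field, not on a port number.
        return "gre-blocked"
    return "no-pptp-control"


# Constructed captures: what the client sends, and what reaches the far
# server through a NAT router that forwards tcp/47 and udp/47 but drops GRE.
CLIENT_SIDE = [ipv4(IPPROTO_TCP, tcp(1723)), ipv4(IPPROTO_GRE, pptp_gre(7, 1)),
               ipv4(IPPROTO_GRE, pptp_gre(7, 2))]
SERVER_SIDE = [ipv4(IPPROTO_TCP, tcp(1723)), ipv4(IPPROTO_TCP, tcp(47)),
               ipv4(IPPROTO_UDP, udp(47))]

if __name__ == "__main__":
    for name, capture in (("client", CLIENT_SIDE), ("server", SERVER_SIDE)):
        print(name, [classify(p) for p in capture], "->", diagnose(capture))
```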
Not to mention System Administration, Telecommunications, and Database Administration.
To the parent's parent: Tech support should count in several instances. You can't tell me that when I supported NT4 Server and Proxy 2.0 for Microsoft, that I wasn't considered an IT person. We were the people that were called when sysadmins and netadmins were in over their heads. It's not like that support was limited to dealing with MS technologies. We had to deal with networking equipment from Cisco, Juniper, 3com, Lucent, Checkpoint, RSA, etc. to isolate and resolve network issues. Portfast not being turned on, QoS, routing protocol issues, bugs resolved by firmware or OS (IOS, CatOS, etc.) updates, incorrectly configured IP Helper, incorrectly configured firewalls, DNS mishaps by various registrars. That's just to name a few dealings with other vendors. We got multiple networks a day to troubleshoot, often thousands of nodes in size and multiple sites over the world to fix. RFCs were constantly referenced and network captures dissected to find bugs. We were the first people they'd call since Windows would be the first and most obvious place to see symptoms of underlying problems. If you ask me, that sort of work takes more ability than working on the same network for years straight.
More than 4GB of memory has been supported in 32-bit CPUs since the Pentium Pro using PAE (Page Address Extensions). I read somewhere that AMD's latest add 8 bits for a total of 40. Windows has been supporting PAE since 2000 and I believe Linux is doing it as well. Currently, the most advanced version of Windows Server 2003 supports 36-bit addressing for a total of 64GB of RAM. Link
"The whole point is to make it so that users can install applications without it installing spyware all over your system directories."
What's the difference when you look at the end result? Very little. Users are still able to install Banzai Buddy, Gator, My Cool Search, $20/min. dialer programs, etc. The only difference is that instead of ghosting to restore a hosed system, you only have to delete the user's profile/home directory after backing up the data files. Big whoop. You just saved a 1/2 hour of downtime for the user and 10 min. of administrative time involved in ghosting.
Ideally, only admins can install programs. Users' home directories are for storing all their user data. If you need to lock it down further and prevent executables that don't need to be installed, you can use group policy to lock down allowed executables. The technology for doing these things is there. The problem is software developers with no sense of security. This is a developer problem and will exist regardless of the platform. If Windows had the luxury of having the majority of their users and developers being geeks with an iota of security concern, Windows wouldn't have such a bad rap.
by Anonymous Coward
I'm tired of your corporate bullshit!
Dude, this isn't where you fill out the Microsoft Comment Card. Try going here and sending that message to Ryan Hamlin.
-Lucas
Either that or the IT department isn't large enough for them to do everything.
This process may at
One of the items that is phished is the phone number. From there, the individual can lookup which provider that DID is on. Last step is to use the ESN from some junked, but working cell phone. Call in, give the name, number, and ESN to have the phone number switched over. It's really not all too difficult and most cellular providers don't authenticate the users.
You wouldn't believe how difficult it was to have our Sprint business account set up to require a verbal confirmation of the account pin for ANY changes or queries. Only the technology department has access to the pin. 20% of the time, customer service just OKs through the screen that pops up telling them to verify the pin. Each time this happens, I have to unleash a "squeeky wheel" fit. Heck, getting this set up on all our phone numbers required speaking with a manager's manager and explaining to them the security implications and possibility of lawsuits that could result from not verifying the customer before processing their request. I set this up to prevent any incidents with disgruntled employees, past or present and also to mitigate the risk that lost/stolen phones present.
-Lucas
-Lucas
Dude, they've had a model like this since Windows NT4 released. The problem which prevents its widespread use is a catch-22. Many programs are written by programmers that are stuck in a single-user era. The only way to force them to fix their software is for Microsoft to make Windows, by default run users as normal users instead of local administrators. Due to the prevelant use of Windows in the business environment though, they can't do that without pissing off a LOT of companies that use these root/admin dependant programs. Any application that writes outside of the logged in user profile or home directory in a networked environment is a good example.
-Lucas
-Lucas
-Lucas
The first thing the readers must understand is that calls within the organization are VoIP from end to end. Most people don't seem to understand just how much voice traffic in an organization is usually internal and never goes out to the PSTN (Public Service Telephone Network). That being said, anything that goes to your cell phone, home phone, or another autonomous system VoIP network goes over the PSTN. When you hop on Skype and call moms house, Skype is handing off the call to their provider and it goes over PSTN from them to mom. If you hop on Skype and call me on my Cisco phone at work, you're going through Skype's VoIP network, exiting to the PSTN, crossing several switches as directed by SS7, entering our DS3 to our 2800 gateway. At that point, our gateway talks to our CCM (Cisco Call Manager) which says in MGCP signaling speak, "Dude, that number you dialed is Lucas' phone!" The gateway then sends the call to my phone, passing over our 6506 core layer switch, and through the 3560 Distribution layer switch. For anyone that's about to jump down my throat over a missing piece: We're not big enough yet to separate the access layer and distribution layer. We just happen to do a lot of calling to and from the PSTN, warranting the DS3.
For those calls that do go out PSTN, you toss in something like a DS1 or whatever bandwidth you need for your PSTN connection. For inbound calls from the PSTN, all your DIDs (Direct Inbound Dialing, aka "You're phone numbers") point to that DS1 which plugs into your gateway such as a Cisco 2800. The gateway takes those and talks to a call manager to decide where to direct the flow to. That could be a desk phone, Unity, IVR server, or so on. The real benefit of VoIP or even a PBX with a compression module installed is when you have multiple sites. You toss in a point to point link and pay a flat rate for it per month. Let's say you're spending $20,000/month in telco costs to call between two locations over PSTN and there's four DS1s total, two at each site (For anyone confused by DS1 speak, just think T1). Toss in a single point to point link, a gateway at the remote site, and expand your VoIP infrastructure. You're now paying $800/mo. and have nearly 50% more room for voice calls due to the compression. The calls sound as good or better than when they were going over the PSTN.
One concern is E911 services and the FCC is pushing through laws that require IP phones to be able to dial 911 and have that call go to the office local to the caller with the correct address displayed. An easy and preferred solution is to dedicate a few plain old analog lines at each site and hook em up to the gateways. Configure each gateway to use those analog lines for 911 calls. Place test calls to 911 from each location using the proper procedures and you're good to go.
Now when it comes to voice quality, there's not much you can do about the PSTN side of things. There's several providers, but usually only your main telco has the real equipment and the others piggyback on top of their infrastructure. That means when your line is having issues, you call MCI who then calls Qwest. It's a bitch to deal with one telco, let alone two. From the Demarc which is the point where the telco denies
-Lucas
"Apple also quickly snuffed out the possibility that computer makers other than itself might someday offer Mac OS X. But it did not say how it would prevent users from installing a pirated copy of the software on their computers from Dell Inc., Hewlett-Packard Co. or others."
-Lucas
1) Non-security hotfix support unless you buy an extended contract for this.
2) No-charge incident support
3) Warranty Claims
4) Design changes and feature requests
Here's a link to the dates on their site. Click on the link towards the top of that page for the FAQ where they explain what all this means.
They released security updates for NT4 well beyond when its extended support phase ended and I imagine they'll do the same for 2000. Even if they don't, I'm of the opinion that this is a very agreeable support lifecycle.
-Lucas
This reminds me of a support call I had for NT4 Server. The client was using some D-Link NAT-enabled router at one of two sites to be connected by RRAS, using PPTP. Their router was running the latest firmware and still having issues with PPTP passthrough. Using a utility called PPTP Ping and taking a network capture at both servers, I could clearly see that the GRE protocol wasn't getting through. When I conferenced in D-Link support, their tech, tech's supervisor, and manager all were insisting that we need to "Forward port 47." They were being total jerks, saying I don't know what I'm talking about when I told them that forwarding TCP or UDP port 47 does nothing. I was trying to explain to them that what is meant is the GRE protocol, protocol number 47 as defined by IANA. GRE protocol 47 doesn't use ports, especially not port 47 for the TCP or UDP protocols. When I sent them RFC 2637, they basically said "Well, our people know what they're doing and you have to forward port 47." It was at this point that I asked if they want me to forward TCP or UDP and just did it to get them to escalate.
It's amazing how the basic understanding of the TCP/IP protocol suite can be so screwed up in well-established companies.
-Lucas
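The distinction drawn in the comment above, as an added example that is not part of the original post: GRE is identified by the value 47 in the IPv4 header's Protocol field, while "port 47" is a field inside a TCP or UDP header. The packets, addresses and function names below are constructed for illustration.

```python
import struct

GRE, TCP, UDP = 47, 6, 17          # IANA IP protocol numbers
PPTP_CONTROL_PORT = 1723           # PPTP control channel (RFC 2637)

def ipv4(proto, payload, src="192.0.2.10", dst="198.51.100.20"):
    """Build a minimal IPv4 packet (constructed sample data, checksum left 0)."""
    addr = lambda a: bytes(int(o) for o in a.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                      64, proto, 0, addr(src), addr(dst))
    return hdr + payload

def classify(pkt):
    """Label one IPv4 packet by what a PPTP passthrough device must handle."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return "not-ipv4"
    ihl = (pkt[0] & 0x0F) * 4      # header length; options shift the payload
    proto = pkt[9]                 # the Protocol field: this is where 47 lives
    if ihl < 20 or len(pkt) < ihl:
        return "malformed"
    if proto == GRE:
        return "gre"               # a GRE header has no port fields at all
    if proto in (TCP, UDP):
        if len(pkt) < ihl + 4:
            return "malformed"
        sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
        name = "tcp" if proto == TCP else "udp"
        if proto == TCP and PPTP_CONTROL_PORT in (sport, dport):
            return "pptp-control"
        if 47 in (sport, dport):
            return name + "-port-47"   # unrelated to GRE
        return name
    return "other"

def diagnose(capture):
    """Summarise a capture taken on one side of the NAT device."""
    seen = {classify(p) for p in capture}
    if "pptp-control" in seen and "gre" not in seen:
        return "control channel up, GRE (IP protocol 47) not passing"
    if "pptp-control" in seen and "gre" in seen:
        return "control channel and GRE both passing"
    return "no PPTP control traffic seen"

# Constructed captures: the far side sees the control channel and forwarded
# "port 47" traffic but no GRE; the near side also sees the GRE data packet.
ports = lambda s, d: struct.pack("!HH", s, d) + b"\x00" * 16
far_side = [ipv4(TCP, ports(49152, 1723)), ipv4(TCP, ports(49153, 47)),
            ipv4(UDP, ports(49154, 47))]
near_side = far_side + [ipv4(GRE, b"\x30\x01\x88\x0b" + b"\x00" * 8)]
```

Running `diagnose` on a capture from each side of the router shows whether the device drops the GRE data channel while still passing the TCP 1723 control channel.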
To the parent's parent: Tech support should count in several instances. You can't tell me that when I supported NT4 Server and Proxy 2.0 for Microsoft, that I wasn't considered an IT person. We were the people that were called when sysadmins and netadmins were in over their heads. It's not like that support was limited to dealing with MS technologies. We had to deal with networking equipment from Cisco, Juniper, 3com, Lucent, Checkpoint, RSA, etc. to isolate and resolve network issues. Portfast not being turned on, QoS, routing protocol issues, bugs resolved by firmware or OS (IOS, CatOS, etc.) updates, incorrectly configured IP Helper, incorrectly configured firewalls, DNS mishaps by various registrars. That's just to name a few dealings with other vendors. We got multiple networks a day to troubleshoot, often thousands of nodes in size and multiple sites over the world to fix. RFCs were constantly referenced and network captures dissected to find bugs. We were the first people they'd call since Windows would be the first and most obvious place to see symptoms of underlying problems. If you ask me, that sort of work takes more ability than working on the same network for years straight.
-Lucas
Wow, thanks for that. I didn't realize that PAE is regarded in such a bad light.
-Lucas
You beat me to it. :)
What's the difference when you look at the end result? Very little. Users are still able to install Banzai Buddy, Gator, My Cool Search, $20/min. dialer programs, etc. The only difference is that instead of ghosting to restore a hosed system, you only have to delete the user's profile/home directory after backing up the data files. Big whoop. You just saved a 1/2 hour of downtime for the user and 10 min. of administrative time involved in ghosting.
Ideally, only admins can install programs. Users' home directories are for storing all their user data. If you need to lock it down further and prevent executables that don't need to be installed, you can use group policy to lock down allowed executables. The technology for doing these things is there. The problem is software developers with no sense of security. This is a developer problem and will exist regardless of the platform. If Windows had the luxury of having the majority of their users and developers being geeks with an iota of security concern, Windows wouldn't have such a bad rap.
-Lucas
Do we really think the FBI is so ignorant that they aren't aware of WEP and WPA cracking utilities?