The Cisco one (which Vonage uses) can be had for $120-$130 at various places online. After getting a good cable modem connection, my Vonage service has been perfect-- and I use that at the same time as another IP phone over a VPN connection. I ditched my landline last April, and haven't regretted it.
The ATA-186 is around VHS tape size. You can just plug your standard wireless phone basestation into it to easily service your house, or patch into existing wiring, assuming you are sure to disconnect external service first.
Cisco ATA 186
It just worked fine with Mozilla Firebird on Linux for me..
Yeah, the Amiga has a cult following still, it should at least be mentioned. The Atari - while some argued that it was technically superior, it definitely had a short existence and few fans.
The only people that argued that the Atari was technically superior were Atari owners. Was it not obvious that due to the additional co-processors and pre-emptive multitasking that the Amiga was the more advanced platform?
Forget about installing stable/unstable, instead download Knoppix which is a complete Debian distro on a bootable CD. You boot the CD, which then autodetects all your hardware, then you run the knx-installer script to install the whole thing on your harddisk. You don't have a choice in what packages to get, but after installation you can easily remove (and add) others.
Hehe, me too, and when I don't do that I use rsync over ssh like this:
That will start tcsh each time you ssh in, or start a Terminal window.
..and it will break sftp too, as sftp runs your login shell (and its associated startup files) prior to starting the sftp after authenticating. Authenticated sessions will now hang with a mod as shown above.
The parent poster is the creator of Speex, which is a kick-ass audio compression format designed for speech. See here: Speex
...right, so if you use the "none" cipher ("-c none" if configured) you're done.
ssh remotebox "dd if=/dev/hda" > remotebox-hda.dd
Nice, because you don't have to log into a machine in a separate step to start the server process.
With a cheap Hauppauge video card (bought for $19) I can record 480x480 (SVCD resolution) with the RTjpeg video, and watch it at the same time.
Oh, I can do 640x480 now perfectly as well. With overscan on the scan converter the picture looks near perfect.
I have a ReplayTV, and recently built a MythTV box.
The ReplayTV rocks, and allows me to use DVarchive on another box to regularly dump the video to my mythtv box, so it too can watch the Replay's shows. It shouldn't be difficult to integrate the Replay's ability to stream live video within MythTV.
With a cheap Hauppauge video card (bought for $19) I can record 480x480 (SVCD resolution) with the RTjpeg video, and watch it at the same time. I've got it set for automatic transcoding as well, so while I can watch it right away in its RTjpeg format, in the background it re-encodes it to a smaller format.
I recently put an additional CPU in the PIII 866 box and am thinking of getting another TV tuner card. If I bought a PVR-250 card, I'd have hardware MPEG encoding with little CPU usage and no need for further transcoding.
I used KnoppixMyth or MythKnoppix to install a fresh box. This was very quick and easy, and you KNOW all of the required software is there.
I bought a combination wireless (IR!!) keyboard/trackball on ebay and use that to control it. Since the keyboard is really pretty small, it's actually not too bad. I bought a learning remote from Radio Shack so I could teach it the keyboard's keystrokes, but the remote didn't store nearly enough commands to be useful. I'm returning it and getting a different one.
I've got a USB joypad on there to play a ton of MAME games I've got, as well as the included Tux Racer. The wireless keyboard works well for some of the games as well.
I've got samba running, and using that to export filesystems to both Windows and Linux boxes (via smbfs).
The commercial skip on the MythTV works better than the one on the Replay, IMHO.
The weather channel feature is handy.
The image viewer is handy, and we use the ReplayTV version a lot.
There are some interface things I'd like to change as well, but generally MythTV looks great.
The web interface is better than the elsewhere hosted-at-least-1-day-in-advance ReplayTV version. The ability to be 1 click away from a given movie's IMDB entry is nice.
A Tivo owning friend saw one and thought he liked Myth better than his Tivo. I'm nearly at the point now I'll probably buy a PVR card and put the MythTV box in the living room, and the ReplayTV up in the bedroom.
In short, I highly recommend MythTV.
I've had good results with G4U, a free NetBSD based boot floppy imaging system. Total requirements are nice-- 1 floppy or CDROM, 1 ftp server, 1 dhcp server. We cloned my kids' whole school quite quickly using this system and I've had good results on a laptop as well.
doesn't sound like he's describing the typical Squid deployment, where people willingly configure their browsers to go through the proxy -- it sounds more like he's describing a transparent proxy, which intercepts packets from client machines that aren't actually configured to use any HTTP proxy.
Actually, in the case of my kids' school, I *did* configure a transparent proxy, as dealing with proxy config files on 110+ hosts would have sucked.
At home I don't have a transparent proxy set up though.
Crap. The first paragraph should have been in italics.
Cache servers are a bad idea. The very idea is to try to be an end-all be-all to everyone who uses them. There are bug-fixes to some of the problem, but no way to solve the essential problem of the fact that MOST data on the web is dynamic now. Using cache servers with dynamic data is inviting difficulty and problem.
Cache servers are NOT a bad idea, they are a GREAT idea, and for this reason they are in wide use. I don't know what cache engine you were using, but it sure sounds like it sucked. Cache engines from Cisco and Network Appliance are said to be good. The open source squid proxy is an EXCELLENT cache engine from my experience, and I've yet to see any problems similar to what you've described. I've had squid in use at my kids' school for the last year without any problems, and have been using it here at home for at least 3-4 years. It too can be configured to not download ads from known ad sources (like Doubleclick).
Using something like squid is very useful in a school environment especially. A teacher tells the class to all load a web page and it's only fetched from the web once, then all students are served it via the high speed cache. This saves both time and bandwidth.
if a machine scans your firewall then you look to see if you recognise the signature of the scan (i.e. the likes of Code Red, etc., have quite distinctive patterns of scanning) and then your firewall launches an exploit against that machine that is scanning you.
..not that I would advocate mass deletions of data, but the clueless masses need SOME kind of big stick.
Just great-- now I know if I spoof IP's and scan you I can have you attack whoever I wish. Defense is blackholing the box attacking you-- not attacking somebody else who may be innocent.
If these worms just WIPED everybody's drives maybe, just MAYBE somebody would be curious AND MOTIVATED as to what they could do to prevent it next time. Right now people live for years with all kinds of viruses and worms on their boxes and don't have a clue.
obviously those poll results were bogus-- as back in '99 mutt ruled the universe :-)
...back in the day spam wasn't such a big deal... ..mutt still rocks for dealing with large amounts of email though. ..and yes, I now know that there is a patch that allows IMAP header caching in mutt, but I don't believe it's in the main codebase..
Mutt's lack of IMAP header caching finally caused me to jump ship to Mozilla Mail, now I'm using Thunderbird and am loving it, especially the spam filters.
Why would I want to use an unoptimized version of each of these security tools when I could speed up their operation by at least 10%?
You think nmap and nessus are going to scan 10%+ faster just because they are compiled for your specific system? I seriously doubt it-- these are NOT CPU bound applications folks. This isn't a chip simulation platform, it's a generalized distro that is supposed to be portable and have a suitable amount of security tools on it.
It just makes eminently more sense to only have source on your CD. What's the use of binary packaged security tools that could have buffer overflow vulnerabilities of their own, that I could not first examine before using.
No, it makes no sense at all to have the source on the CD so you can recompile it. First off, this is a CD-- a READ ONLY cd, so you'd need to be compiling the code each time you use the tool. If you're putting the source on there and can't change it, why not just put the binary on there to begin with?? Since all the tools you'd use to compile it are on the CD itself, on any given system you boot it on the results will be (more or less) the same anyway (except CPU optimizations, which don't matter here). Further, are you REALLY checking the source code looking for BO's and all that before you build the tools? If so, why don't you get to work and do some code audits on the existing tools out there.
Every router that has smtp alerting.
No, every router has SNMP alerting, not SMTP.
Enigmail goes a long way in making that easier but it's still way beyond most people.
Not at all! I set up my wife and father with Mozilla and Enigmail, generated the keys for them, and set a few options. It now will automatically encrypt email to people it has keys for, otherwise works normally. What could be easier?
BTW, I switched to Thunderbird on a few boxes and it's great (i.e. nearly identical to Mozmail).
The latest Enigmail plugin works perfectly (on Linux).
First off - they only provide dynamic IP addresses.. they refuse to provide static addresses, even though they charge more for them.. (They claim the IP addresses are static, but you must use DHCP to get them - anyone care to tell me what the 'D' in DHCP stands for?)
While the D stands for Dynamic, just because you get your IP via DHCP doesn't mean you don't get a static IP. You often configure DHCP servers to give out the same static IP to hosts. Why? Because it makes it much easier to reip the host/network later-- you have 1 config file to change instead of 10,000 hosts to reconfigure, and don't have to worry about the misconfiguration of those hosts.
Still, I would be looking for something more in the "ideal" home network, such as a POTS to IP-telephony gateway ..do it right now, with a Cisco ATA-186 and Vonage IP phone service. Works great. The ATA-186 is free with Vonage service, although I think you can probably buy one new for $150.
I don't run WEP, but secure my network by changing the default ip address of my router and disabling DHCP. So you have to know the correct subnet to use to get on my network and assign your own ip address.
You're not "securing" your network by changing the address and disabling DHCP. You're making an attacker take an additional few seconds before jumping on your network. Sniffing your network for a few minutes will reveal what address range should be used.
A better solution:
1) disable SSID broadcasting. Note that this is simply a "good" thing to do-- SSIDs can still be sniffed in normal traffic.
2) Use MAC filtering-- i.e. set your access point to only allow the mac addresses for the cards you have. This helps, but does *not* prevent others from stealing your mac for access.
3) Use the lame WEP
4) Use a VPN. Have your wireless in your DMZ (behind a firewall) and in front of another one. Have the internal firewall allow through the port(s) required for your laptops to authenticate to your internal VPN server.
You can use IPSEC, CIPE, OpenVPN, vtun, or even PPP over SSH (not recommended). I personally like OpenVPN, although there is no Windows client at the moment (there is for IPSEC and CIPE though).
Configure your externally facing firewall to NOT allow packets out from your wireless-- instead those packets need to come from your VPN server.
If somebody gets access to your wireless network they then cannot access the internet nor can they access your home network.
Running something like arpwatch looking for new MAC addresses is a nice thing as well, but if you're using mac address filtering it should be impossible for any other mac to authenticate on your network anyway.
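The two-firewall layout described in the comment above, written out as rulesets. This is an added example, not part of the original comment. Every interface name, address and port in it is an assumption chosen for illustration: DMZ/wireless subnet 192.168.50.0/24, inner firewall at 192.168.50.2 on the DMZ side, home LAN 10.0.0.0/24, VPN server 10.0.0.10 listening on UDP 1194, and wireless clients routing to the VPN server through the inner firewall.

```iptables
# ==== File 1: outer (Internet-facing) firewall, iptables-restore format ====
# Assumed interfaces: eth0 = Internet, eth1 = DMZ holding the wireless AP.
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Only the inner firewall's DMZ address may originate traffic to the Internet.
# LAN and VPN traffic reaches here already source-NATed to that address.
-A FORWARD -i eth1 -o eth0 -s 192.168.50.2 -j ACCEPT
# Everything else coming from the wireless DMZ is logged, then dropped.
-A FORWARD -i eth1 -j LOG --log-prefix "wifi-dmz-out: "
-A FORWARD -i eth1 -j DROP
COMMIT

# ==== File 2: inner firewall, iptables-restore format ====
# Assumed interfaces: eth0 = DMZ side (192.168.50.2), eth1 = home LAN.
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# LAN hosts, including the VPN server forwarding decrypted client traffic,
# leave with the inner firewall's DMZ address.
-A POSTROUTING -o eth0 -s 10.0.0.0/24 -j SNAT --to-source 192.168.50.2
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Wireless clients may reach the VPN server's listening port and nothing else.
-A FORWARD -i eth0 -o eth1 -s 192.168.50.0/24 -d 10.0.0.10 -p udp --dport 1194 -j ACCEPT
# The home LAN may open connections outward.
-A FORWARD -i eth1 -o eth0 -s 10.0.0.0/24 -j ACCEPT
# Any other attempt to enter the LAN from the DMZ is logged, then dropped.
-A FORWARD -i eth0 -j LOG --log-prefix "wifi-dmz-in: "
-A FORWARD -i eth0 -j DROP
COMMIT
```

The two LOG prefixes give a record of any host that associated with the access point and then tried to go anywhere other than the VPN server.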
Yes, should work fine.
Worst case is that you need to portforward some ports, although with a proper stateful (2.4 series) firewall you're good to go.
"straight" chiropractors are a crock, as far as I'm concerned. Ask a straight chiropractor what messing with your spine can cure and you'll hear all kinds of bullshit, like how many say they can cure EAR INFECTIONS by spinal manipulations. Utter bullshit. "mixed" chiros though, they treat the whole back as a system of muscles AND your spine, and work accordingly.
To make a long story short, I got the low down on this after falling and hurting my back. I suffered in pain for a year, and finally went to see a chiropractor. The first one I went to was a "straight" one (who are typically members of the American Association of Chiropractors I believe) who messed with my spine and told me it would be several MONTHS before I'd feel any difference, and that I had to come see him 3-5 times a week for a year, costing several thousand dollars. I went a couple of times, it did shit. The last time I went to the chiropractor, they accidentally gave me my file, along with a bunch of propaganda touting the wonders of chiro. I guess I was supposed to drop my file off at the front desk, but I accidentally walked out with it. It had the complete test results with diagrams, etc.
I then went to another chiro that a family member had good results with. I asked him to check me out, told him about the fall, etc. Didn't tell him about seeing the other "doctor". He checked me out, told me what my problem was (pulled a muscle on one side, that muscle atrophied, and the other side was pulling hard on my spine, causing pain), and told me he could easily fix it in 2 weeks. I couldn't believe what he said, and pulled out the file from the other place. He looked it over and commented that the previous doctor had done a very complete diagnosis, and that he agreed with everything in the file. I asked him how could he say that he'd fix me up in 2 weeks, and the other guy told me it'd take a year, and I'd have to go months before noticing any relief. He then laid out the whole difference between the American Ass of Chiro and the International Ass of Chiro. The American ones only mess with the spine, the International ones treat the spine AND the muscles. Since my particular problem was due to muscle atrophy, the solution was to work that atrophied muscle back into shape again, hence ending the uneven pulling on my spine. The "quack" never would have solved my problem as near as I can see, as he never would work on the muscle!
BTW, it didn't take 2 weeks to fix my problem-- it only took 3 visits (1 week!). He used muscle stimulators, manually worked it, etc.
This (good) doctor told me he had been somewhat "blacklisted" from most of the other chiros in the city (Ottawa, Ontario) for telling patients the truth.
*Never* go to a straight chiropractor or member of the American Association of Chiropractors!