if you look at the headers, it still shows the IP address of the host used to send the forged email.
Yeah, most of the time it's easy to pick out, but if they've inserted extra "Received from:" lines that fit the chain, it can get rather messy.
If I'm feeling lazy I'll just feed it into SpamCop and let their scripts do the detective work. You still get the opportunity to cancel it after viewing the technical details, if you change your mind.
Personally I don't see any use for software firewalls for the majority of home users.
I'm still using a software firewall on my XP machine at home, despite being behind a Linux gateway machine using iptables.
Why bother? Spyware! I might be relatively safe from incoming attacks, but I'd also like complete control over outgoing too. I could configure iptables to do the same job, but it would silently block everything, and I'd like to confirm anything unusual (perhaps a web page is sourcing something from an unusual port). Of course, I set up rules for common permitted stuff to avoid being hassles all the time.
I suppose A software firewall can help reduce outgoing connection damage (spam, bots,...) from virus attacks, but I'd certainly never rely on it.
why doesn't anyone take a gander at the detonator drivers and figure out what OTHER games it's tuned to?
I've had a quick look at the ANSI and Unicode strings in NV4.SYS and NV4_MINI.SYS (the main NT/2K/XP drivers), as well as NV* files in the Windows\System32 directory. Despite lots of other strings being found, there's no mention of 3dmark or quake. I guess they must be making a special effort to conceal them - suspicious in itself.
If they are only making optimisations for speed, without loss of quality, would they have any reason to hide them?
As soon as someone does dig the information from the binaries, the applications could no doubt be checked for further cheating.
1 GRAM at 20,000 MPH instead of 1 gram at 31280 Kilometers 1 KG at 20 MPH instead of 1 kilogram at 32.18 Kilometers
Heh! I'm not sure if you're serious or not, but does it really matter what the units were, as they're consistent? My example could have be seen as:
1 <mass unit> at 20000 <velocity units> 1000 <mass units> at 20 <velocity units>
With momentum being mass * velocity the formula still holds regardless of the units used.
g/Kg seemed easiest for mass, with the familiar MPH for velocity (rather than a traditional m/s). I live in the UK where we have a warped mixture of imperial and metric, so you'll have to forgive me!
That said, I do agree with the other posts saying that kinetic energy is more important than momentum in this case. Also, with kinetic energy involving velocity squared it's not quite so simple to compare them. I suppose it does also depend on other factors such as object size/area, materials, air resistance, etc. etc.
'ulimit' allows you to control various limits, including the number of user processes. ulimit -a will display the current limits. On my RedHat box it defaulted to 512 processes, which is rather a lot (I'm not sure about the kernel process table limit though).
ulimit -u 20 will limit the user to 20 processes, which can be added to/etc/profile to cover all users. Users can further limit their own settings, but can't relax them.
I'd be interested to hear if that fixes it for you - I'd rather not test it out on my server box at the moment!
$0& launches the same script again as a background process, using the original command-line. So the example script launches two copies of itself, which each launch two copies, which each launch two copies,...
It doesn't take long for the system to become completely overwhelmed, unless process accounting limits the number of processes for each user (which is always a good idea on most shell systems).
Opera's SHIFT-clck opens the link in another tab but moves focus to that tab. I dislike that shifting focus but have been unable to find how to change it (if it's possible).
Ctrl-Shift-click will do it:-)
I still use mouse gestures for everything, where a down gesture on a link opens it in a new tab, and a down-up gesture does the same without shifting the focus.
More useful would be figuring out: a) Why we yawn. b) Why, when we yawn, does it cause someone ELSE to yawn. c) What can I do to STOP yawning.
a) I believe this is down to not taking in enough oxygen, causing us to take a deep intake of breath.
b) I heard this came from living in groups, where it's important that the daily routine of the group is synchronised. If the yawns are catching, it helps settle down the group to sleep at the same time. *How* they're catching is probably another mystery!
c) get some sleep;-) or so something else to stay active and away, so you'll breath properly. Bright lights are good at keeping the brain awake.
Now, I'm not sure how they got hold of it, but they did, and I have to deal with it.
That's made easier to deal with if you have mail services that provide unlimited mailboxes (or if you have your own domain). It means you can set up a separate mailbox/alias for each service you use (slashdot@mydomain.com, ebay@mydomain.com, etc.).
If you start getting spam to any of them you immediately know the source of the leak, and can block further access to that alias. If you still want the service you were using, simply sign it up for another mailbox.
You can do all of the above yourself quite easily with a Linux box, or could pay for the service through somewhere like port995.com (UK-based, like me).
Trilogy? Are they releasing two Matrix sequels at the same time or something?
Boy are you out of the loop! One's out in May and the other in November, so sometime next year you'll probably be able to pick up all 3 in a special box set.
Like most people, I'll wait for the complete set before buying either of the new ones. I do already have the first one on DVD, but then who doesn't?
MS will also figure out how to make Windows versions of.NET programs run poorly or not at all under non-Windows OS's.
They can't do that since they have no control over the execution environment. The program data is the same in both cases, so how well it runs is completely up to the implementation on each platform. It's up to Mono how well the programs run, and you can bet that they'll want to squeeze out as much performance as possible.
With Java they could do as much (or as little) optimisation, and a poor JVM implementation could taint Java's reputation (wasn't the JIT JVM implementation in IE much faster than the Sun equivalent anyway?).
The only chance MS have of crippling the performance is if they write the Linux implementation in place of Mono, and that ain't gonna happen anytime soon.
When nobody has any money, sales are going to decline! Get over it, Record Industry! The "piracy" argument is overplayed at best - just like everything else the RIAA pumps out - and at worst it's a red herring.
At the current rate they'll have any new regulations in place just as the economy starts picking up again. That will give them further "proof" their poor sales were entirely down to P2P piracy.
If we can just stall them for a while we can foil their evil plans!
I'm hoping that creating a boot loader with lilo and choosing which floppy to boot off. Anyone got an experience of this and care to share thier thougts?
What could be better for a professional Spammer than attending an Anti-Spam Conference? Learn all the techniques and issues you will have to encounter in the upcoming months.
I guess a decent solution needs to work like cryptography: you give sample code and explain the algorithms involved, but it still can't be exploited. The current methods seem too much like security through obscurity, which results in a never-ending battle of each side playing catch-up.
It still seems like there needs to be a level of trust involved with peering networks, which slow down untrusted SMTP clients, reducing the problems caused by open relays. If all major ISPs only accepted mail from trusted peers at full speed, there wouldn't even need to be a change to the SMTP protocol.
It is a complicated issue because large ISPs can receive numerous simultaneous connections from other email servers at other large ISPs
How about combining the idea with a list of trusted peers, which avoid any delay? Messages relayed through ISPs known to be 'good' would be accepted immediately, avoiding backlogs. Messages from 'bad' ISPs would be slow in relaying to the rest of the world, likely causing backlogs. It's not as harsh as an RBL-style blacklist, but gives a real reason to clean up their acts.
The delay would still need to be applied to customers sending through their own ISP, to prevent throw-away accounts from flooding messages into the 'trusted' network.
I'm still surprised each ISP doesn't have more in place to detect suspicious mail activity. HTTP is transparently proxied for caching in many ISPs, so why can't the same be done for SMTP? It'd be easy enough to restrict the number of messages sent within a certain time frame, perhaps with the option for certain customers to request a higher limit?
Slashdot Mirror
why do the people from our European offices (Ireland and France mostly) ALWAYS order budweiser when they come to the states?
"When in Rome..."?
Incidentally, the same could be said about you.
:-)
Perhaps he's not so anonymous afterall...?
But the moment a student would try the same thing, he would be expelled.
:-)
Thankfully Ferris got away with it
if you look at the headers, it still shows the IP address of the host used to send the forged email.
Yeah, most of the time it's easy to pick out, but if they've inserted extra "Received from:" lines that fit the chain, it can get rather messy.
If I'm feeling lazy I'll just feed it into SpamCop and let their scripts do the detective work. You still get the opportunity to cancel it after viewing the technical details, if you change your mind.
Just this morning I got 5 emails from hotmail accounts asking if I wanted:
:-)
Spammers fake the sender's address all the time. If you dug into the mail header details I'm willing to bet they didn't come from Hotmail servers.
Try typing this in exactly as shown:
telnet your.smtp.server 25
HELO somedomain.com
MAIL FROM:
RCPT TO:
DATA
Subject: junk subject line
junk body text
.
The blank line after the subject and the dot on the line by itself are important.
Congratulations - you've just sent yourself a forged e-mail. Easy wasn't it?
How difficult is it to just press delete, if you're not interested in the offer?
So you'd be happy to be called in the middle of the night, and would just reply "no thanks, I'm not interested" to the caller?
but SMS ads are free for the receiver
They fill up my mobile Inbox, taking away space for other messages. They also have a habit of arriving in the middle of the night, waking me up.
and not very annoying.
Care to post your mobile number so we can sign you up for some free offers? You can always press delete on the ones that don't interest you.
Personally I don't see any use for software firewalls for the majority of home users.
...) from virus attacks, but I'd certainly never rely on it.
I'm still using a software firewall on my XP machine at home, despite being behind a Linux gateway machine using iptables.
Why bother? Spyware! I might be relatively safe from incoming attacks, but I'd also like complete control over outgoing too. I could configure iptables to do the same job, but it would silently block everything, and I'd like to confirm anything unusual (perhaps a web page is sourcing something from an unusual port). Of course, I set up rules for common permitted stuff to avoid being hassles all the time.
I suppose A software firewall can help reduce outgoing connection damage (spam, bots,
why doesn't anyone take a gander at the detonator drivers and figure out what OTHER games it's tuned to?
I've had a quick look at the ANSI and Unicode strings in NV4.SYS and NV4_MINI.SYS (the main NT/2K/XP drivers), as well as NV* files in the Windows\System32 directory. Despite lots of other strings being found, there's no mention of 3dmark or quake. I guess they must be making a special effort to conceal them - suspicious in itself.
If they are only making optimisations for speed, without loss of quality, would they have any reason to hide them?
As soon as someone does dig the information from the binaries, the applications could no doubt be checked for further cheating.
1 GRAM at 20,000 MPH instead of 1 gram at 31280 Kilometers
1 KG at 20 MPH instead of 1 kilogram at 32.18 Kilometers
Heh! I'm not sure if you're serious or not, but does it really matter what the units were, as they're consistent? My example could have be seen as:
1 <mass unit> at 20000 <velocity units>
1000 <mass units> at 20 <velocity units>
With momentum being mass * velocity the formula still holds regardless of the units used.
g/Kg seemed easiest for mass, with the familiar MPH for velocity (rather than a traditional m/s). I live in the UK where we have a warped mixture of imperial and metric, so you'll have to forgive me!
That said, I do agree with the other posts saying that kinetic energy is more important than momentum in this case. Also, with kinetic energy involving velocity squared it's not quite so simple to compare them. I suppose it does also depend on other factors such as object size/area, materials, air resistance, etc. etc.
> F = Ma
It's not really force/acceleration that's important, it's kinetic energy and momentum:
Kinetic Energy = 0.5 * mass * (velocity^2)
Momentum = mass * velocity
So a 1g spec of dirt travelling at 20,000mph has the same momentum as a 1KG block travelling at 20mph - something best avoided!
how do you prevent this from happening.
/etc/profile to cover all users. Users can further limit their own settings, but can't relax them.
I forgot to cover this question...
'ulimit' allows you to control various limits, including the number of user processes. ulimit -a will display the current limits. On my RedHat box it defaulted to 512 processes, which is rather a lot (I'm not sure about the kernel process table limit though).
ulimit -u 20 will limit the user to 20 processes, which can be added to
I'd be interested to hear if that fixes it for you - I'd rather not test it out on my server box at the moment!
$0& launches the same script again as a background process, using the original command-line. So the example script launches two copies of itself, which each launch two copies, which each launch two copies, ...
It doesn't take long for the system to become completely overwhelmed, unless process accounting limits the number of processes for each user (which is always a good idea on most shell systems).
... and I thought you were just pleased to see me. ;-)
Could you be thinking of Evil Edna from Willo-the-Wisp?
:-)
That's who it reminds me of anyway
Opera 7? Wake me when they make it cross platform.
3 65-200 30307-7.0.0-P2/
;-)
There's a Linux beta of 7.0 out:
http://snapshot.opera.com/unix/intel-linux/
You didn't mention which platform you were interested in. Don't expect a C64 release anytime soon...
Opera's SHIFT-clck opens the link in another tab but moves focus to that tab.
:-)
I dislike that shifting focus but have been unable to find how to change it (if it's possible).
Ctrl-Shift-click will do it
I still use mouse gestures for everything, where a down gesture on a link opens it in a new tab, and a down-up gesture does the same without shifting the focus.
We're missing the obvious one...
"It's *so* black, light just falls into it."
More useful would be figuring out:
;-) or so something else to stay active and away, so you'll breath properly. Bright lights are good at keeping the brain awake.
a) Why we yawn.
b) Why, when we yawn, does it cause someone ELSE to yawn.
c) What can I do to STOP yawning.
a) I believe this is down to not taking in enough oxygen, causing us to take a deep intake of breath.
b) I heard this came from living in groups, where it's important that the daily routine of the group is synchronised. If the yawns are catching, it helps settle down the group to sleep at the same time. *How* they're catching is probably another mystery!
c) get some sleep
Now, I'm not sure how they got hold of it, but they did, and I have to deal with it.
That's made easier to deal with if you have mail services that provide unlimited mailboxes (or if you have your own domain). It means you can set up a separate mailbox/alias for each service you use (slashdot@mydomain.com, ebay@mydomain.com, etc.).
If you start getting spam to any of them you immediately know the source of the leak, and can block further access to that alias. If you still want the service you were using, simply sign it up for another mailbox.
You can do all of the above yourself quite easily with a Linux box, or could pay for the service through somewhere like port995.com (UK-based, like me).
Trilogy? Are they releasing two Matrix sequels at the same time or something?
Boy are you out of the loop! One's out in May and the other in November, so sometime next year you'll probably be able to pick up all 3 in a special box set.
Like most people, I'll wait for the complete set before buying either of the new ones. I do already have the first one on DVD, but then who doesn't?
MS will also figure out how to make Windows versions of .NET programs run poorly or not at all under non-Windows OS's.
They can't do that since they have no control over the execution environment. The program data is the same in both cases, so how well it runs is completely up to the implementation on each platform. It's up to Mono how well the programs run, and you can bet that they'll want to squeeze out as much performance as possible.
With Java they could do as much (or as little) optimisation, and a poor JVM implementation could taint Java's reputation (wasn't the JIT JVM implementation in IE much faster than the Sun equivalent anyway?).
The only chance MS have of crippling the performance is if they write the Linux implementation in place of Mono, and that ain't gonna happen anytime soon.
When nobody has any money, sales are going to decline! Get over it, Record Industry! The "piracy" argument is overplayed at best - just like everything else the RIAA pumps out - and at worst it's a red herring.
At the current rate they'll have any new regulations in place just as the economy starts picking up again. That will give them further "proof" their poor sales were entirely down to P2P piracy.
If we can just stall them for a while we can foil their evil plans!
I'm hoping that creating a boot loader with lilo and choosing which floppy to boot off. Anyone got an experience of this and care to share thier thougts?
Check out Bart's way to create bootable CD-Roms, which includes instructions on using LILO to do just what you want.
What could be better for a professional Spammer than attending an Anti-Spam Conference? Learn all the techniques and issues you will have to encounter in the upcoming months.
I guess a decent solution needs to work like cryptography: you give sample code and explain the algorithms involved, but it still can't be exploited. The current methods seem too much like security through obscurity, which results in a never-ending battle of each side playing catch-up.
It still seems like there needs to be a level of trust involved with peering networks, which slow down untrusted SMTP clients, reducing the problems caused by open relays. If all major ISPs only accepted mail from trusted peers at full speed, there wouldn't even need to be a change to the SMTP protocol.
It is a complicated issue because large ISPs can receive numerous simultaneous connections from other email servers at other large ISPs
How about combining the idea with a list of trusted peers, which avoid any delay? Messages relayed through ISPs known to be 'good' would be accepted immediately, avoiding backlogs. Messages from 'bad' ISPs would be slow in relaying to the rest of the world, likely causing backlogs. It's not as harsh as an RBL-style blacklist, but gives a real reason to clean up their acts.
The delay would still need to be applied to customers sending through their own ISP, to prevent throw-away accounts from flooding messages into the 'trusted' network.
I'm still surprised each ISP doesn't have more in place to detect suspicious mail activity. HTTP is transparently proxied for caching in many ISPs, so why can't the same be done for SMTP? It'd be easy enough to restrict the number of messages sent within a certain time frame, perhaps with the option for certain customers to request a higher limit?