For you Cisco people; how many have chuckled when you realized that the number to clear the startup config (config reg) on most cisco routers is 0x42 ?
Years ago a friend of mine used to do something similar: He had a web page that celarly stated the terms which he would accept mail.
The page had a clearly stated no-spam accepted policy, and that the spam would be reported to the authorities; and in the wording of the policy, he had the email addresses (both semi-private work and public function) for legislators and gov. offices that deal with spam. [with of course abuse@[localhost] ]
This way if someone was using a harvester to get email addresses, they would end up possibly sending to the legistlators that did not think spam was a problem.. [ in 1997]
So it was not JUST a honeypot. It did have a function of informing.
Re:Why do they track their visitors ?
on
Video Game Music Mixes
·
· Score: 3, Informative
Like most websites, they want to know what users are visiting their sites. They may be using something like bbclone (http://bbclone.tuxfamily.org/) which uses php scripts to log web page accesses... example of a bbclone report is at http://bbclone.tuxfamily.org/varstuff/bbclone-0.15.1.html
One of the interesting side effects is that it can be a way to find out who is linking to your pages since it also shows the referrer info...
Knowing which browser you use can help in making sure that their pages work in all availible browsers that their potential audiance uses.
{before you say anything... yes... the pages should be optimised for ALL browsers... but then who said we lived in a utopian world...})
The reason that I and many that I know use forwarding is because of ISPs that decide to change names or like the recent attbi issues.
I actually advocate getting third party accounts for everything.. Mail, Usenet, webspace; and leave the ISP account for access only. That way if anything happens to the ISP connectivity, the other stuff does not get affected....
Since 1997 I have chnaged ISPs 4 times; but still have kept the same email address. Before using forwarded email, I had an email account that where shut down by ISPs abruptly. No. I do not spam.
The first time was when an ISP diconnected my service without notice (www.arn.net) and it was extremely painful to change all the accounts that depend on registrations being sent to email accounts for updates towards the new account.
The second time was when earthlink (www.earthlink.net) disconnected my account for multiple logins {at that time they considered multilink ppp connections as against the AUP as "connecting from two locations" even though their system allows it and its connecting from the SAME location/machine... Now they just send a bill for the second connection} . Luckily I was using a forwarded email account that forwarded to my earthlink account. The "registered accounts" did not need to know the change of the "final destination"; which took less than 10 mins once I got access to the internet.
The last two were also easy to change due to the forwarded account as well.... (I moved; so I had to change ISPs)
So why is RR getting pissed? They may notice that nobody is using the ISP accounts that they are possibly associating advertising potential dollars to. {by spamming their own customers with "newsletters"... something that many ISPS seem to be doing lately}
Even if the games were originally meant for windows, they were meant for pre win98 windows and probably work great in wine or other x86 emulators for linux with little effort.
There are many games/ applications that failed the marketing/distribution wars when there was no Internet for the masses. There are many applications and even OSes today that would not have flourished without the internet. Bringing back those "old binaries" in a form that can be downloaded may bring many an enjoyment that they would have missed forever.
The question is when will the stuff that they are working on NOW be avail. for geenral use?
Everyone knows that things like the internet, GPS and even caller ID would not have been developed without a certain amount of pushing of the technology spectre by those organizations in their race to outdo each other.
yes... the quick proliferation of spam is a known issue... The bigger problem is the other vulnerabilities out there...
I have several IDS/Honeypot machines in various locations that help me gauge certain "problems"...
Just as an example (though not from a honeypot; but when a friend recently put up a new machine, within 9 mins of the machine being powered up from when it got the pppoe lease it was hit with a nimda scan. [Luckily he had a virus scanner already installed with a recent dat file and engine, but was going online to download the latest update for IE and win2k]
Unfortunately windows is not the only OS out there being scanned for active exploits... My Linux boxen got scanned for SSH and RPC exploits within 40 mins of coming online.
It has gotten so that you have to do a FULL install/upgrade BEFORE going online; which in many cases is a catch 22 situation since to get those updates you have to go online.
As a computer consultant, you would not believe the number of times I hear "But I just installed the system; I cant already have a virus on it."
CERT among others have guidelines on what to do if compromised (http://www.cert.org/tech_tips/win-UNIX-system_com promise.html) ; but they still dont address the issue that the system becomes compromised BEFORE any of the normal security steps are taken to harden the system.
as for certs email spoof guidelines, http://www.cert.org/tech_tips/email_spoofing.html; they are barely a tip of the iceberg when it comes to REAL problem wrt. spammers and how far they are williing to go... (To take a look at the current anti spam effort, one may want to go to news:news.admin.net-abuse.email]
Personally I am ALL FOR caches... Just make them optional so that I can turn it off in the very rare situations that it breaks someting.
There are several protocols that allow the end user to automatically detect the cache servers that they need to use.
I have used and deployed several squid proxy-caches http://www.squid-cache.org/ that I was able to prove reduced the required border bandwidth utilization in organizations by around 20%. Of course this means that the caches and the hiarchy needs to be thought out in advance. Network planning 101...
http://www.ircache.net/ for an existing cache hiarchy that you can freely connect with.
Old News. But it does bring up other issues..
on
Security Hole In SNMP
·
· Score: 2, Informative
The problems with SNMP mentioned here is actually OLD NEWS for any system administrator that can spell his/her job title. I know we came across this issue well over a year ago, with emails to those concerned that were not answererd, or were answered with "That how its supposed to work..."...
I, and most admins I know will completely block SNMP at the border routers (only allowed in through an IPSEC or VPN connection.). I used to have a simple demonstration of how "evil" unportected SNMP could be by showing admins just WHAT kind of info their SNMP enabled switches/routers haapilly gave out.. (quick hint: if u have the snmp tools in linux:
snmpwalk {ip address of any SNMP enabled cisco device} public
And watch as a list of the devices ARP tables shows you exactly which ports have which devices, as well as the routing table for the device and all sorts of info that any snoop can use to help them build a better picture of how the network is configures... [in fact, Fluke makes a software product called Network Inspector that uses the SNMP data from switches among other things to build a full network map including stuff to show things like exactly which switch port a device is on as well as the distance between two devices and how a packet IN THE SWITCH ENVIRONMENT travels from one device to another]
http://www.flukenetworks.com/us/LAN/Monitoring+A na lysis+Diagramming/Network+Inspector/Overview.htm
The other real issue that this brings up is what about the implementations of OTHER protocols like syslog? How many vendors use the same BASE code that may require a patch in flash as a firmware update?...
Having packets on rfc1918 networks recieved by your fireall on a cablemodem system may not be foul play. [port 68 is used by dhcp; it seems that you may have a dhcp server with an rfc1918 address that atempts a ping first before assigning an address. If your firewall is blocking the icmp requests, then the system may be failing to renew correctly and is going to reaquire an ip]; personal firewalls, including the one in XP have to be configured to work correctly with systems like this one...
For more information you may want to take a look at the page at
http://homepage.ntlworld.com/robin.d.h.walker/cm ti ps.html
that may have some more insight {though geared for a.uk ISP, the info is very useful for understanding how some cable systems work}
In short:
Many Cable ISPs use the 10/8 network to number their infrastructure (eg the internal addresses for devices including the dhcp server address and stuff like the head-end devices; also every cable modem has a 10.x address for management {though usually only accessible from the cable side on mine it is 10.225.99.109 }...)
Ex: on , My ip address is a real address, but if I traceroute, the first 3-4 hops are rfc1918 devices..
On mine:
IP Address: 24.XXX.YYY.ZZZ
Subnet Mask: 255.255.252.0
Default Gateway: 24.XXX.YYY.1
DHCP Server: 10.20.0.20
Lease Obtained: 2/12/2002 8:37:29 AM
Lease Expires: 2/12/2002 4:42:29 PM
DNS Servers: 24.XXX.1.14, 24.XXX.192.36, 24.XXX.1.99
WINS Server: 127.0.0.1
There are also child protection laws that protects chidren under 13 or 14 from being required to give out personal information. It is not the same as entering into a contract. This law makes it illegal for a company/web site to request personally identifiable information from a child without parental consent...
Has anyone else noticed that the windows update with XP no longer says what the 98/2000 versions used to say something along the lines "does not send any information to microsoft" while checking the installed updates.. This has changed to "Windows Update does not collect any form of personally identifiable information from your computer."...
Slight wording differences.. but still... what is "personally identifiable information "? For the longest time, an IP address did not fall into that category.. but as anyone knows... an IP address can id quite alot...
The privacy policy for windows update has:
-----start quote..
Windows Update Privacy Statement
Windows Update is committed to protecting your privacy. To provide you with the appropriate list of updates, Windows Update must collect a certain amount of information from your computer. This information includes:
Operating-system version number
Internet Explorer version number
Version numbers of other software
Plug and Play ID numbers of hardware devices
Windows Update does not collect your name, address, e-mail address, or any other form of personally identifiable information. The information collected is used only for the period of time that you are visiting the site, and is not saved.
To provide you with the best possible service, Windows Update also tracks and records whether the download and installation of specific updates succeeded or failed. Windows Update records the ID of the item that you attempted to download and install, and information about your operating system version and Internet Explorer version. The information that is stored cannot be associated with anything that is unique or personally identifiable about you or your computer.
Speaking of video store logs... I always find it a good idea to ask for a list...
The local Blockbuster types hate to do it since it is more work for them... but if you ask for it, they have to do it.
Next time, ask for the list of movies rented on your account and you may find some interesting inconsistancies... [note that they may print it on one of their strip printers.. and the list may be long...]
Example: A friend of mine found that they had his and another persons account crossed in the system. Since both had been "good rental" citizens, they always paid and returned the dvds on time, and did not notice it till he asked for a list of movies. [luckily there were no late charges/lost movies disputed at the time or else it may have looked bad for him]
Is it really THAT far fetched? AOL + Wine + Linux
on
WINE May Change To LGPL
·
· Score: 2, Insightful
Time for some more of that Conspiracy Theory stuff:
The recent rumours that AOL was looking to buy redhat... There is usually something behind the smoke...
What if AOL was looking for a distro to use for their settop boxes (or easily installed on a standard PC). A disto that can have Wine installed on it.
A distro that AOL can use with wine, and minimal changes to their AOL client would allow them a VERY quick deployment of a Linux based installation of an AOL client.
A distro that can be bundled with Wine+the client in a single install.
Or... A client+wine package that can be installed on any distro that the standard users would be familiar with.....
--
You may be paranoid, but that does not mean that they are not after you.... --Someone on IRC somwhere..
Which is exactly the mistake that FOX had originaly made with B5 when it first had it. At least now Andromeda shows twice a week on the station that has it now... {they still move it around all over the place... but I am bound to catch one of them...:-)
My question on the matter is the following: Can windows (or any other OS) use these readers and cards [specifcally the GetSmart ones] as PKI auth/ smart cards for win2k logins? [Make it so that the machine will not allow logins except if the card is inserted; or something like that...]
Re:Why are unix hosts getting hit so hard with thi
on
Code Red Back For More
·
· Score: 1
The worm not only affects windows machines.. It also taxes the inftrastructure.
several ISPs w/ proxy cache servers are noticing the hit as their machines try to handle the traffic.
also, code red also affects other devices other than win2k.... [eg: cisco 600 dsl modems... which do not replicate the worm, but are affected by it due to a separate unrelated bug] and other products as well that have built in IIS servers (including some "hardware" products that have IIS emmedded... yes... there are some out thre that are affected)
It affects unix machines that are having to respond to the "get" request
Re:Why is PWS (IIS 4) on Windows 98 not vulnerable
on
Code Red Back For More
·
· Score: 1
The vulnerabilty istelf is NOT in the IIS service, but in the indexing service that needs IIS to work. The indexing service is installed with IIS4 on NT, IIS5 on 2000. [it is also installed with the PWS on 2kpro]
BTW IIS3 is also vulnerable somewhat, but since it has many, many other holes, the only remedy for IIS3 is to upgrade to at least IIS4 + patches.
Re:A.I. Ticket Stub = -5 years in Purgatory!
on
Review: A.I.
·
· Score: 1
If you thought those were aliens then you obviously missed one of the most important "messgaes/plot" of the movie.
Those were NOT aliens... those are the future generations of AI "robots" that have survived once the human race has become extinct. They are Davids "descendats"...
Some may laugh at this... but I remember my first "lan"...
it was put up using duct tape...
Reason?: We lived in a campus residence hall, and were not allowed to make any alterations to the rooms/hallway... so what to do when %70 of the people in the unit have PCs.... aahhhh the days of warcraft, command and conquer.... and yes... even file/print sharing... [between all of us, there were at least two laser printers, one color printer, and a 20gb drive... {which at the time was HUUUUUUUUUUGGGGGGGGGGGGEEEEEEEEEEEEEE}
Unfortunately when they advertise that the system does "40 mbit", they usually dont mean to the consumer, but to the HFC side (coax side) of the link.
The modem then further restricts the user. Example: the cablemodem that I am now using has 30mbit to the HFC side (which is shared between myself and the neighborhood) but is restricted to 768/64.... [most locations elsewhere are now 1024/128, but there may be service as low as 64/64 and as high as 3072/1024 or "unrestricted"]... They usually limit the speeds to ensure "Network quality of service"...
Slashdot Mirror
Why does 42 keep coming up again and again?
For you Cisco people; how many have chuckled when you realized that the number to clear the startup config (config reg) on most cisco routers is 0x42 ?
Years ago a friend of mine used to do something similar: He had a web page that celarly stated the terms which he would accept mail.
The page had a clearly stated no-spam accepted policy, and that the spam would be reported to the authorities; and in the wording of the policy, he had the email addresses (both semi-private work and public function) for legislators and gov. offices that deal with spam. [with of course abuse@[localhost] ]
This way if someone was using a harvester to get email addresses, they would end up possibly sending to the legistlators that did not think spam was a problem.. [ in 1997]
So it was not JUST a honeypot. It did have a function of informing.
Like most websites, they want to know what users are visiting their sites. They may be using something like bbclone (http://bbclone.tuxfamily.org/) which uses php scripts to log web page accesses... example of a bbclone report is at http://bbclone.tuxfamily.org/varstuff/bbclone-0.15 .1.html
One of the interesting side effects is that it can be a way to find out who is linking to your pages since it also shows the referrer info...
Knowing which browser you use can help in making sure that their pages work in all availible browsers that their potential audiance uses.
{before you say anything... yes... the pages should be optimised for ALL browsers... but then who said we lived in a utopian world...})
The reason that I and many that I know use forwarding is because of ISPs that decide to change names or like the recent attbi issues.
I actually advocate getting third party accounts for everything.. Mail, Usenet, webspace; and leave the ISP account for access only. That way if anything happens to the ISP connectivity, the other stuff does not get affected....
Since 1997 I have chnaged ISPs 4 times; but still have kept the same email address. Before using forwarded email, I had an email account that where shut down by ISPs abruptly. No. I do not spam.
The first time was when an ISP diconnected my service without notice (www.arn.net) and it was extremely painful to change all the accounts that depend on registrations being sent to email accounts for updates towards the new account.
The second time was when earthlink (www.earthlink.net) disconnected my account for multiple logins {at that time they considered multilink ppp connections as against the AUP as "connecting from two locations" even though their system allows it and its connecting from the SAME location/machine... Now they just send a bill for the second connection} . Luckily I was using a forwarded email account that forwarded to my earthlink account. The "registered accounts" did not need to know the change of the "final destination"; which took less than 10 mins once I got access to the internet.
The last two were also easy to change due to the forwarded account as well.... (I moved; so I had to change ISPs)
So why is RR getting pissed? They may notice that nobody is using the ISP accounts that they are possibly associating advertising potential dollars to. {by spamming their own customers with "newsletters"... something that many ISPS seem to be doing lately}
It probably IS a troll.. but I'll also bite:
Even if the games were originally meant for windows, they were meant for pre win98 windows and probably work great in wine or other x86 emulators for linux with little effort.
There are many games/ applications that failed the marketing/distribution wars when there was no Internet for the masses. There are many applications and even OSes today that would not have flourished without the internet. Bringing back those "old binaries" in a form that can be downloaded may bring many an enjoyment that they would have missed forever.
The initial use of hostmaster@ was by Network Solutions when they were Internic.net the current use is defined in RFC 2142
2 142
RFC 2142
http://www.ietf.org/rfc/rfc2142.txt?number=
Yes... but when AMD did it, there was no DMCA that prohibited it...
I always wonder what happens to all these projects that reach "final beta" status and then get dropped when the company decides to sit on it?
There must loads of code/devices that never went to market that someone should try and get released...
The question is when will the stuff that they are working on NOW be avail. for geenral use?
Everyone knows that things like the internet, GPS and even caller ID would not have been developed without a certain amount of pushing of the technology spectre by those organizations in their race to outdo each other.
yes... the quick proliferation of spam is a known issue... The bigger problem is the other vulnerabilities out there...
m promise.html) ; but they still dont address the issue that the system becomes compromised BEFORE any of the normal security steps are taken to harden the system.
; they are barely a tip of the iceberg when it comes to REAL problem wrt. spammers and how far they are williing to go... (To take a look at the current anti spam effort, one may want to go to news:news.admin.net-abuse.email]
s .a dmin.net-abuse.email
I have several IDS/Honeypot machines in various locations that help me gauge certain "problems"...
Just as an example (though not from a honeypot; but when a friend recently put up a new machine, within 9 mins of the machine being powered up from when it got the pppoe lease it was hit with a nimda scan. [Luckily he had a virus scanner already installed with a recent dat file and engine, but was going online to download the latest update for IE and win2k]
Unfortunately windows is not the only OS out there being scanned for active exploits... My Linux boxen got scanned for SSH and RPC exploits within 40 mins of coming online.
It has gotten so that you have to do a FULL install/upgrade BEFORE going online; which in many cases is a catch 22 situation since to get those updates you have to go online.
As a computer consultant, you would not believe the number of times I hear "But I just installed the system; I cant already have a virus on it."
CERT among others have guidelines on what to do if compromised (http://www.cert.org/tech_tips/win-UNIX-system_co
as for certs email spoof guidelines, http://www.cert.org/tech_tips/email_spoofing.html
http://groups.google.com/groups?hl=en&group=new
Personally I am ALL FOR caches... Just make them optional so that I can turn it off in the very rare situations that it breaks someting.
There are several protocols that allow the end user to automatically detect the cache servers that they need to use.
I have used and deployed several squid proxy-caches http://www.squid-cache.org/ that I was able to prove reduced the required border bandwidth utilization in organizations by around 20%. Of course this means that the caches and the hiarchy needs to be thought out in advance. Network planning 101...
http://www.ircache.net/ for an existing cache hiarchy that you can freely connect with.
The problems with SNMP mentioned here is actually OLD NEWS for any system administrator that can spell his/her job title. I know we came across this issue well over a year ago, with emails to those concerned that were not answererd, or were answered with "That how its supposed to work..."...
A na lysis+Diagramming/Network+Inspector/Overview.htm
I, and most admins I know will completely block SNMP at the border routers (only allowed in through an IPSEC or VPN connection.). I used to have a simple demonstration of how "evil" unportected SNMP could be by showing admins just WHAT kind of info their SNMP enabled switches/routers haapilly gave out.. (quick hint: if u have the snmp tools in linux:
snmpwalk {ip address of any SNMP enabled cisco device} public
And watch as a list of the devices ARP tables shows you exactly which ports have which devices, as well as the routing table for the device and all sorts of info that any snoop can use to help them build a better picture of how the network is configures... [in fact, Fluke makes a software product called Network Inspector that uses the SNMP data from switches among other things to build a full network map including stuff to show things like exactly which switch port a device is on as well as the distance between two devices and how a packet IN THE SWITCH ENVIRONMENT travels from one device to another]
http://www.flukenetworks.com/us/LAN/Monitoring+
The other real issue that this brings up is what about the implementations of OTHER protocols like syslog? How many vendors use the same BASE code that may require a patch in flash as a firmware update?...
Having packets on rfc1918 networks recieved by your fireall on a cablemodem system may not be foul play. [port 68 is used by dhcp; it seems that you may have a dhcp server with an rfc1918 address that atempts a ping first before assigning an address. If your firewall is blocking the icmp requests, then the system may be failing to renew correctly and is going to reaquire an ip]; personal firewalls, including the one in XP have to be configured to work correctly with systems like this one...
m ti ps.html
.uk ISP, the info is very useful for understanding how some cable systems work}
...)
For more information you may want to take a look at the page at
http://homepage.ntlworld.com/robin.d.h.walker/c
that may have some more insight {though geared for a
In short:
Many Cable ISPs use the 10/8 network to number their infrastructure (eg the internal addresses for devices including the dhcp server address and stuff like the head-end devices; also every cable modem has a 10.x address for management {though usually only accessible from the cable side on mine it is 10.225.99.109 }
Ex: on , My ip address is a real address, but if I traceroute, the first 3-4 hops are rfc1918 devices..
On mine:
IP Address: 24.XXX.YYY.ZZZ
Subnet Mask: 255.255.252.0
Default Gateway: 24.XXX.YYY.1
DHCP Server: 10.20.0.20
Lease Obtained: 2/12/2002 8:37:29 AM
Lease Expires: 2/12/2002 4:42:29 PM
DNS Servers: 24.XXX.1.14, 24.XXX.192.36, 24.XXX.1.99
WINS Server: 127.0.0.1
There are also child protection laws that protects chidren under 13 or 14 from being required to give out personal information. It is not the same as entering into a contract. This law makes it illegal for a company/web site to request personally identifiable information from a child without parental consent...
Has anyone else noticed that the windows update with XP no longer says what the 98/2000 versions used to say something along the lines "does not send any information to microsoft" while checking the installed updates.. This has changed to "Windows Update does not collect any form of personally identifiable information from your computer."...
Slight wording differences.. but still... what is "personally identifiable information "? For the longest time, an IP address did not fall into that category.. but as anyone knows... an IP address can id quite alot...
The privacy policy for windows update has:
-----start quote..
Windows Update Privacy Statement
Windows Update is committed to protecting your privacy. To provide you with the appropriate list of updates, Windows Update must collect a certain amount of information from your computer. This information includes:
Operating-system version number
Internet Explorer version number
Version numbers of other software
Plug and Play ID numbers of hardware devices
Windows Update does not collect your name, address, e-mail address, or any other form of personally identifiable information. The information collected is used only for the period of time that you are visiting the site, and is not saved.
To provide you with the best possible service, Windows Update also tracks and records whether the download and installation of specific updates succeeded or failed. Windows Update records the ID of the item that you attempted to download and install, and information about your operating system version and Internet Explorer version. The information that is stored cannot be associated with anything that is unique or personally identifiable about you or your computer.
------ end quote
Speaking of video store logs... I always find it a good idea to ask for a list...
The local Blockbuster types hate to do it since it is more work for them... but if you ask for it, they have to do it.
Next time, ask for the list of movies rented on your account and you may find some interesting inconsistancies... [note that they may print it on one of their strip printers.. and the list may be long...]
Example: A friend of mine found that they had his and another persons account crossed in the system. Since both had been "good rental" citizens, they always paid and returned the dvds on time, and did not notice it till he asked for a list of movies. [luckily there were no late charges/lost movies disputed at the time or else it may have looked bad for him]
Time for some more of that Conspiracy Theory stuff:
The recent rumours that AOL was looking to buy redhat... There is usually something behind the smoke...
What if AOL was looking for a distro to use for their settop boxes (or easily installed on a standard PC). A disto that can have Wine installed on it.
A distro that AOL can use with wine, and minimal changes to their AOL client would allow them a VERY quick deployment of a Linux based installation of an AOL client.
A distro that can be bundled with Wine+the client in a single install.
Or... A client+wine package that can be installed on any distro that the standard users would be familiar with.....
--
You may be paranoid, but that does not mean that they are not after you.... --Someone on IRC somwhere..
Most of the security updates from microsoft do not come from the windowsupdate site till its too late... :-)
A better place to look is
MS HotFix & Security Bulletin Service
Which is exactly the mistake that FOX had originaly made with B5 when it first had it. At least now Andromeda shows twice a week on the station that has it now... {they still move it around all over the place... but I am bound to catch one of them... :-)
My question on the matter is the following: Can windows (or any other OS) use these readers and cards [specifcally the GetSmart ones] as PKI auth/ smart cards for win2k logins? [Make it so that the machine will not allow logins except if the card is inserted; or something like that...]
The worm not only affects windows machines.. It also taxes the inftrastructure.
several ISPs w/ proxy cache servers are noticing the hit as their machines try to handle the traffic.
also, code red also affects other devices other than win2k.... [eg: cisco 600 dsl modems... which do not replicate the worm, but are affected by it due to a separate unrelated bug] and other products as well that have built in IIS servers (including some "hardware" products that have IIS emmedded... yes... there are some out thre that are affected)
It affects unix machines that are having to respond to the "get" request
The vulnerabilty istelf is NOT in the IIS service, but in the indexing service that needs IIS to work. The indexing service is installed with IIS4 on NT, IIS5 on 2000. [it is also installed with the PWS on 2kpro]
BTW IIS3 is also vulnerable somewhat, but since it has many, many other holes, the only remedy for IIS3 is to upgrade to at least IIS4 + patches.
If you thought those were aliens then you obviously missed one of the most important "messgaes/plot" of the movie.
Those were NOT aliens... those are the future generations of AI "robots" that have survived once the human race has become extinct. They are Davids "descendats"...
--
Amarillo Linux Users Group
Some may laugh at this... but I remember my first "lan"...
it was put up using duct tape...
Reason?: We lived in a campus residence hall, and were not allowed to make any alterations to the rooms/hallway... so what to do when %70 of the people in the unit have PCs.... aahhhh the days of warcraft, command and conquer.... and yes... even file/print sharing... [between all of us, there were at least two laser printers, one color printer, and a 20gb drive... {which at the time was HUUUUUUUUUUGGGGGGGGGGGGEEEEEEEEEEEEEE}
--
Amarillo Linux Users Group
Unfortunately when they advertise that the system does "40 mbit", they usually dont mean to the consumer, but to the HFC side (coax side) of the link.
.... [most locations elsewhere are now 1024/128, but there may be service as low as 64/64 and as high as 3072/1024 or "unrestricted"]... They usually limit the speeds to ensure "Network quality of service"...
The modem then further restricts the user. Example: the cablemodem that I am now using has 30mbit to the HFC side (which is shared between myself and the neighborhood) but is restricted to 768/64
--
Amarillo Linux Users Group