knowing you're stupid is half the way to not be. unfortunately management are at a negative value here, they all think they're geniuses hence wouldn't take your advice for worrying
easy enough to check, disable the preemptive code and do a new benchmark
my own experience with test5 shows me that it has issues with memory management/swap. the machine was completly unuseable when all the memory was used up
the problem is developping such a system that is "universal" for say, how can you "boot" with the network down if your login happens through NIS ? or pam with a remote mysql server.
such a solution needs to be custom tailored for everyone for maximum efficiency
we typically set our monitor software to check every 5 minutes, with one request PER SERVER not per site. if it is down it will send an email to our support address, if it is STILL down the second time around, it fires off an email to the cell phone of the on-duty admin, plus one email when it comes back up
i've had some services set up for monitoring as low as 30 seconds, but those are specific cases.
obviously a 1 seconds check is WAY too low, not only it's a waste of bandwidth, it's prone to false positives. what happen when you have a slight delay in one of the core routers that cause your packet to get dropped/delayed by 1000ms ?
no when you download, the person that has the orignal copy is lending it to you, YOU are the one requesting the download hence making the copy, kazaa isn't pushing anything to your computer
copyright law in the US forbids you from making multiple copies it seem.
canadian copyright law specifically allow "private copying". basicly, i can buy a cd, hand it to my friend and he can legally make a copy for himself. i am not, however, allowed to buy a cd, make a copy and give it to my friend. same end result, different pathway:) the artists gets their compensation from the taxes on the CD and other recordable medias (or so they say).
exactly, i was almost shocked to hear my friend say that it was legal to download music off of kazaa. shows how little most people know: very little
a funny bit, it IS legal to download music in canada! seems like the canadian equivalent to the RIAA shoot themselves in the foot a few years back. all CDs are charged a 5 cents tax to pay for it. i almost fell off my chair
not practical but doable. they probably wouldn't notice it for small networks (ie 5-6 machines at home or a small company)
recovering the private key from the mobo (or bios) IS doable, and has been done many times. i assume you were thinking about the xbox and how they're trying to bruteforce the key.
the situation is actually reversed here. the xbox doesn't have the private key, your mobo does. all one has to do is unsolder the chip (or just probing in the right places) and reading it with whatever is used in those cases (i can't remember the names of the tools). voila, you got your private key.
yes but in this case they'd have to guess a valid mac address that isn't being used by someone else (read: nearly impossible whitout causing problems, unless you don't do your job properly) you ALLOW a mac address, and deny everything else
as someone pointed out, if they're students shutting down their own connection is hardly brillant. and obviously you'd have any access to those switches disabled from anything external. some switches even uses SSH
and im not familiar with vlans and such, but it would probably be possible to isolate the mangement part on a vlan by itself
assuming your network is switched, and your switch are "manageables" (ie you can log in them remotely)
you could have an IDS (or similar) with a rule looking for specific attacks (ie blaster). when you detect such an attack, fire off a script that shuts down the user's port on the switch. they'll bitch and moan that they can't access the net but you'll know who they are now and charge them a cleanup fee (make sure to include it in the terms of use)
another solution is to require anyone bringing a computer from home to have it inspected by your techs, block access based on mac address and only give them access once they passed the test. it does require more ressources tho, and ideally you'd still need the first option (in case where someone reinstall windows)
i somewhat agree. Sam can be annoying, but usually with reason (and he's dead bent on respecting the RFCs). the documentation is all there tho, it's just not organized like you would expect it to.:)
i have to agree, bernstein is one of the few i absolutely can't stand, and given the crappy documentation on all of his projects, i avoid everything he touches
i have yet to try postfix for any meaningful length of time, but courier (www.courier-mta.org) has given me a wonderful experience. it even have a "milter-like" interface! and also no remote security holes (minor, local ones a year ago) since dinausors age
when i buy a video card these days, i expect them to outperform a geforce 256. the radeon 9000. as low budget as it is, has NO FUCKIN REASON NOT TO. i'm no performance whore, i don't give a shit if my unreal tournament doesn't do 160fps. but damnit, to hell if i'm gonna accept choppyness at 800x600
i'll stick to nvidia, from which i can get a 50$ card three times better than my old one
i'm no overclocker, the environment they were in is completly different (humid, dry, cold, hot), some were in work machines, some in my personnal machines (handled by the family) some in friend's. none of the other users were overclockers either (hey, some of them can't even find the start menu)
that's only for the ones that physically died.
performances on everything i've tried was abysmal (including my lastest radeon 9000 with the lastest drivers) when the drivers don't crash the computer (works fine with a geforce)
the tech support is horrid, just getting an rma # takes ages.
even if the ati card WAS faster, hell will freeze over before i ever buy another card from them!
they have crappy support, crappy hardware (as in reliability) and crappy drivers. i've had so many ATI cards die on me it's not even funny.
on the other hand i've had only one nvidia card die, due to rough handling and no fan (it came loose somehow and i didn't notice it, probably in transport)
Slashdot Mirror
knowing you're stupid is half the way to not be. unfortunately management are at a negative value here, they all think they're geniuses hence wouldn't take your advice for worrying
easy enough to check, disable the preemptive code and do a new benchmark
my own experience with test5 shows me that it has issues with memory management/swap. the machine was completly unuseable when all the memory was used up
that's how most solar "stations" work too, but they still have to use some sort of solar panel to collect the heat (that are not just painted black)
i've seen enough ice and snow to last me a lifetime, come up here and we'll be happy to give you a huge chunk!
the problem is developping such a system that is "universal" for say, how can you "boot" with the network down if your login happens through NIS ? or pam with a remote mysql server.
such a solution needs to be custom tailored for everyone for maximum efficiency
we typically set our monitor software to check every 5 minutes, with one request PER SERVER not per site. if it is down it will send an email to our support address, if it is STILL down the second time around, it fires off an email to the cell phone of the on-duty admin, plus one email when it comes back up
i've had some services set up for monitoring as low as 30 seconds, but those are specific cases.
obviously a 1 seconds check is WAY too low, not only it's a waste of bandwidth, it's prone to false positives. what happen when you have a slight delay in one of the core routers that cause your packet to get dropped/delayed by 1000ms ?
no when you download, the person that has the orignal copy is lending it to you, YOU are the one requesting the download hence making the copy, kazaa isn't pushing anything to your computer
copyright law in the US forbids you from making multiple copies it seem.
:) the artists gets their compensation from the taxes on the CD and other recordable medias (or so they say).
:)
canadian copyright law specifically allow "private copying". basicly, i can buy a cd, hand it to my friend and he can legally make a copy for himself. i am not, however, allowed to buy a cd, make a copy and give it to my friend. same end result, different pathway
don't ask for logic in there
exactly, i was almost shocked to hear my friend say that it was legal to download music off of kazaa. shows how little most people know: very little
a funny bit, it IS legal to download music in canada! seems like the canadian equivalent to the RIAA shoot themselves in the foot a few years back. all CDs are charged a 5 cents tax to pay for it. i almost fell off my chair
sorry, apple themselves stole the GUI thing from Xerox. i guess that's "innovation" too then
not practical but doable. they probably wouldn't notice it for small networks (ie 5-6 machines at home or a small company)
recovering the private key from the mobo (or bios) IS doable, and has been done many times. i assume you were thinking about the xbox and how they're trying to bruteforce the key.
the situation is actually reversed here. the xbox doesn't have the private key, your mobo does. all one has to do is unsolder the chip (or just probing in the right places) and reading it with whatever is used in those cases (i can't remember the names of the tools). voila, you got your private key.
how long until some clever hacker comes up with a way to duplicate the private key to all of your computers?
yes but in this case they'd have to guess a valid mac address that isn't being used by someone else (read: nearly impossible whitout causing problems, unless you don't do your job properly) you ALLOW a mac address, and deny everything else
as someone pointed out, if they're students shutting down their own connection is hardly brillant. and obviously you'd have any access to those switches disabled from anything external. some switches even uses SSH
and im not familiar with vlans and such, but it would probably be possible to isolate the mangement part on a vlan by itself
assuming your network is switched, and your switch are "manageables" (ie you can log in them remotely)
you could have an IDS (or similar) with a rule looking for specific attacks (ie blaster). when you detect such an attack, fire off a script that shuts down the user's port on the switch. they'll bitch and moan that they can't access the net but you'll know who they are now and charge them a cleanup fee (make sure to include it in the terms of use)
another solution is to require anyone bringing a computer from home to have it inspected by your techs, block access based on mac address and only give them access once they passed the test. it does require more ressources tho, and ideally you'd still need the first option (in case where someone reinstall windows)
i somewhat agree. Sam can be annoying, but usually with reason (and he's dead bent on respecting the RFCs). the documentation is all there tho, it's just not organized like you would expect it to. :)
better get your facts straights
www.courier-mta.org
full blown email server: MTA, filtering, pop3, imap and webmail, all neatly packaged (and written) by the great Sam. works like a charm too
i have to agree, bernstein is one of the few i absolutely can't stand, and given the crappy documentation on all of his projects, i avoid everything he touches
i have yet to try postfix for any meaningful length of time, but courier (www.courier-mta.org) has given me a wonderful experience. it even have a "milter-like" interface! and also no remote security holes (minor, local ones a year ago) since dinausors age
when i buy a video card these days, i expect them to outperform a geforce 256. the radeon 9000. as low budget as it is, has NO FUCKIN REASON NOT TO. i'm no performance whore, i don't give a shit if my unreal tournament doesn't do 160fps. but damnit, to hell if i'm gonna accept choppyness at 800x600
i'll stick to nvidia, from which i can get a 50$ card three times better than my old one
yep, that's the first thing i did
i'm no overclocker, the environment they were in is completly different (humid, dry, cold, hot), some were in work machines, some in my personnal machines (handled by the family) some in friend's .
:)
none of the other users were overclockers either (hey, some of them can't even find the start menu)
that's only for the ones that physically died.
performances on everything i've tried was abysmal (including my lastest radeon 9000 with the lastest drivers) when the drivers don't crash the computer (works fine with a geforce)
the tech support is horrid, just getting an rma # takes ages.
dunno, some people are more lucky than others
i have a radeon 9000, which i bought lately because exactly, i've been seeing those neat numbers about ati.
guess what? IT STILL SUCKS. the crappy drivers are STILL making the computer freeze (and NOTHING is overclocked)
even if the ati card WAS faster, hell will freeze over before i ever buy another card from them!
they have crappy support, crappy hardware (as in reliability) and crappy drivers. i've had so many ATI cards die on me it's not even funny.
on the other hand i've had only one nvidia card die, due to rough handling and no fan (it came loose somehow and i didn't notice it, probably in transport)
they probably won't charge a fee. they just want you to sign this little form giving them all rights over your soul and your first born
what about the times when some of us just refused to use ICQ because it was a waste of prefectly good cpu cycles and just met on IRC?
i still feel IM is a waste for that matter. gimme my irc room anytime