Your MS Citation is about Xbox, which MS has been quite strict on. I can't speak for apple, but I have found the MS technet forums very good when the documentation falls short. Many forums have a few hotshots which may work for MS partners, or may be MS employees.
I write code for IDM / IAM though, so my part of the industry is a weird place. Developing interfaces to abstract security concepts across multiple platforms is inherently weird. SAP, RACF, SQL, Active Directory, and Unix all have a different concept of an ACL or Group, and open standards like Oasis and SPML only go so far. MS is just a little bit better at helping you work through a customer's not quite normal requirments.
Kinky Friedman, professional satirist and candidate for Texas Govenor recently said it on NPR last week, but I've seen parts of the quote attributed to Davey Crockett several places. http://freedomkeys.com/politicians.htm The joke seems quite old.
I wish I had points to mod you up. In some specialities the bill rate has to be 3 times or more what the employee is paid to support bench time, training, benefits, and the sales staff that keep the contractors working. A sysadmin / generalist who can be kept near 80%+ utilization generally has to bill out at twice what they are paid. The big consulting firms do get away with charging significantly more, a big 3 security engineer in the midwest can easily bill out at $250/hr, but the big 3 consulting firms have ridiculous overhead compare to small consulting firms.
Even SMBs in the midwest pay these rates, if you are paying less it is likely the firm is a body shop that does little to screen or train employees, or a small business who does not pay themselves market rates for their actual labor. (I.E. doesn't include their administrative time at home)
I am curious about this, since I get called out constantly for starting sentances with actually. What is this a marker of? I have lived my entire life in Cleveland, but influences include being raised for 6 years by my Grandmother who was from one of the last Irish speaking regions of Ireland, my father born in London, and later by my Welsh step father. I also had a swiss german grandmother which probably makes things worse.
I have a lot of odd irish pronunciations for select words. I pronounce the L in walk, say probably as praugh-bab-lee, and occasionally say haytch for H, though that has mosty died off. I always assumed the "Actually" thing was another irish artifact.
8.5.8.a For a sample of system components, examine user ID lists to verify the following
Generic user IDs and accounts are disabled or removed. Shared user IDs for system administration activities and other critical functions do not exist. Shared and generic user IDs are not used to administer any system components.
8.5.8.b Examine password policies/procedures to verify that group and shared passwords are explicitly prohibited.
8.5.8.c Interview system administrators to verify that group and shared passwords are not distributed, even if requested.
8.5.9 For a sample of system components, obtain and inspect system configuration settings to verify that user password parameters are set to require users to change passwords at least every 90 days.
DUKPT is derived unique key per transaction, and is most likely to be 3Des anyway. The old standard was Master/Session, which was more likely to use DES keys, but your point is still valid.
What you find many times if you talk to a Hotel Manager or Coffee shop owner they realize it is a problem and have no way to deal with it. They will tell you they wish they had an easy way to throttle these people, without investing in things like inline IPS / bandwidth management.
Most of my clientel is small city midwest, and EVDO is not an option.
At the hospital I am at today the IT security people think it is a great idea. Since they outsource their wireless management and the provider refuses to deal with it, they think using a wireless IPS like solution to limit hogs is their only way to fix it.
I came up with the idea to ask slashdot after talking to my Hospital client and the manager of the hotel I normally stay at. Abusing the network by eating all the bandwidth is not someones right, and not all wireless providers are capeable of ensuring equitable wireless access.
I am not a consultant for this, I simply happen to be consuming these services. I happen to be consulting for something completely different, and just need wireless access.
I already have spoken to management. The hospital wants to deploy whatever solution I come up with here, the hotel is supportive. One person can literally kill the connection, to the point you can't load google. This is not a question of policing, its a question of making wireless usable at all.
I actually already have complained. See this post I've been living in this hotel for the past 7 months and they know they have a problem and are powerless to fix it. They know one or two guests ruin the connection for everybody, but their outsourced wireless provider isn't fixing things. The Hospital has the same problem. Both are supportive of the idea of interrupting the bandwidth hogs to use the connection. (I actually consult for the Hospital security dept, they can't get the outsourced wireless provider to do anything about it, and would like to deploy whatever solution I come up with.)
Its not about priority, it's just a demonstration of the same issue. The ping time to the second hop gets as high as 3000ms due to bandwidth saturation.
I live in a hotel every weekday for the last seven months and have asked the hotel about the bandwidth problem, and they are supportive of this approach. They know one or two guests are ruining the internet access for everybody, and wish they could do something about it. Since it is a corpoarte big chain hotel they do not have the ability to implement their own solution seperately.
What you find many times if you talk to a Hotel Manager or Coffee shop owner they realize it is a problem and have no way to deal with it. They will tell you they wish they had an easy way to throttle these people, without investing in things like inline IPS / bandwidth management.
Most of my clientel is small city midwest, and EVDO is not an option.
At the hospital I am at today the IT security people think it is a great idea. Since they outsource their wireless management and the provider refuses to deal with it, they think using a wireless IPS like solution to limit hogs is their only way to fix it.
I came up with the idea to ask slashdot after talking to my Hospital client and the manager of the hotel I normally stay at. Abusing the network by eating all the bandwidth is not someones right, and not all wireless providers are capeable of ensuring equitable wireless access.
Gameplay HD is a fulltime game channel. It comes on Dish Network's MPEG-4 HD package and is one of the old Voom channels. It tends to follow one person's screen a few minutes at a time. And it is excruciatingly boring. You tend to get shows with CS, Quake 4 and Starcraft commentary, including Tournaments. I thought the idea was cool till I saw it. G4 is better, but that's certinally faint praise.
Sure there is. It's made from Seaweed and called Carageenan instead. That is what Royal brand "Gelatin Desert" uses, as does my bag of veggie marshmallows. It's sold as Kosher / Halal gelatin even.
I acknowledged this error here. Sorry. My actual point was that the Torah pre-dated the Bible, in response to the two "Duh, it's Biblical!" comments I got.
Umm, The Bible was written by Christians, and Deuteronomy would have been written down by the Jews circa 70 C.E. after the destruction of the second temple. The Mosaic law was a pre-biblical oral tradition.
Hint: Christianity is based on an older religion that this law comes from.
The Talmudic law is clearly Pre-Biblical. The whole Christianity being about reformed Judaism and being based on the teachings of a Jew who himself discussed the Talmudic law. It's correct to say that the Mosaic code is in the Bible, but it is definatly pre-biblical Since the post I was responding to pointed out the law came from the bible before English Common Law, I felt it was worth noting that it was pre Christian as well.
Slashdot may be US centric, but rarely Christianity centric.
I can't personally comment on that, since I went through both groups moving where they wanted apache installed. (Freebsd 2 or 3 years ago, debian before that) Freebsd is extremely LSB based, debian had a few "debianism's". Neither is as bad as the whole opt thing is Solaris though.
If you like Debian's package repository, you'd love Freebsd's ports repository. Nothing comes close. I've admin'd debian, solaris, freebsd and redhat in production, and I've played with fink on OSX, and Gentoo's portage. Freebsd ports is hands down the easiest to administer in a production environment, once you get a proper supfile and update scripts set up.
The following isn't intuitive, but it works:
Install cvsup-without-gui and portupgrade, then run:
For a supfile I use (If you are not managing your own repository): *default host=cvsup13.FreeBSD.org *default base=/usr *default prefix=/usr *default release=cvs tag=RELENG_6_1 delete use-rel-suffix compress src-all ports-all tag=.
I know I am needlessly tracking src with every update, but if a kernel patch is released my src is up to date.
Note: always read/usr/ports/UPDATING before running your portupgrade.
However, for the Great grandparent's posts purposes, it is argued that sports look better in progressive scan opposed to the flicker of interlacing. (See question two in the first link)
Slashdot Mirror
Fromt he same site, amongst geeks and gamers the sizing breakdown:
S 13.5%
M 16%
L 19%
XL 19%
2X 19%
3X 13.5%
Your MS Citation is about Xbox, which MS has been quite strict on. I can't speak for apple, but I have found the MS technet forums very good when the documentation falls short. Many forums have a few hotshots which may work for MS partners, or may be MS employees.
I write code for IDM / IAM though, so my part of the industry is a weird place. Developing interfaces to abstract security concepts across multiple platforms is inherently weird. SAP, RACF, SQL, Active Directory, and Unix all have a different concept of an ACL or Group, and open standards like Oasis and SPML only go so far. MS is just a little bit better at helping you work through a customer's not quite normal requirments.
Kinky Friedman, professional satirist and candidate for Texas Govenor recently said it on NPR last week, but I've seen parts of the quote attributed to Davey Crockett several places. http://freedomkeys.com/politicians.htm The joke seems quite old.
I wish I had points to mod you up. In some specialities the bill rate has to be 3 times or more what the employee is paid to support bench time, training, benefits, and the sales staff that keep the contractors working. A sysadmin / generalist who can be kept near 80%+ utilization generally has to bill out at twice what they are paid. The big consulting firms do get away with charging significantly more, a big 3 security engineer in the midwest can easily bill out at $250/hr, but the big 3 consulting firms have ridiculous overhead compare to small consulting firms.
Even SMBs in the midwest pay these rates, if you are paying less it is likely the firm is a body shop that does little to screen or train employees, or a small business who does not pay themselves market rates for their actual labor. (I.E. doesn't include their administrative time at home)
I am curious about this, since I get called out constantly for starting sentances with actually. What is this a marker of? I have lived my entire life in Cleveland, but influences include being raised for 6 years by my Grandmother who was from one of the last Irish speaking regions of Ireland, my father born in London, and later by my Welsh step father. I also had a swiss german grandmother which probably makes things worse.
I have a lot of odd irish pronunciations for select words. I pronounce the L in walk, say probably as praugh-bab-lee, and occasionally say haytch for H, though that has mosty died off. I always assumed the "Actually" thing was another irish artifact.
Only because they lie to their assesors:
8.5.8.a For a sample of system components, examine
user ID lists to verify the following
Generic user IDs and accounts are disabled or
removed.
Shared user IDs for system administration activities
and other critical functions do not exist.
Shared and generic user IDs are not used to
administer any system components.
8.5.8.b Examine password policies/procedures to
verify that group and shared passwords are explicitly
prohibited.
8.5.8.c Interview system administrators to verify that
group and shared passwords are not distributed, even if
requested.
8.5.9 For a sample of system components, obtain and
inspect system configuration settings to verify that user
password parameters are set to require users to change
passwords at least every 90 days.
https://www.pcisecuritystandards.org/security_standards/download.html?id=pci_dss_v1-2.pdf
The standard really does a decent job of promoting best practices, but can be both over detailed and overly lenient at times.
DUKPT is derived unique key per transaction, and is most likely to be 3Des anyway.
The old standard was Master/Session, which was more likely to use DES keys, but your point is still valid.
I posted this above, but am reposting here:
What you find many times if you talk to a Hotel Manager or Coffee shop owner they realize it is a problem and have no way to deal with it. They will tell you they wish they had an easy way to throttle these people, without investing in things like inline IPS / bandwidth management.
Most of my clientel is small city midwest, and EVDO is not an option.
At the hospital I am at today the IT security people think it is a great idea. Since they outsource their wireless management and the provider refuses to deal with it, they think using a wireless IPS like solution to limit hogs is their only way to fix it.
I came up with the idea to ask slashdot after talking to my Hospital client and the manager of the hotel I normally stay at. Abusing the network by eating all the bandwidth is not someones right, and not all wireless providers are capeable of ensuring equitable wireless access.
I am not a consultant for this, I simply happen to be consuming these services. I happen to be consulting for something completely different, and just need wireless access.
I already have spoken to management. The hospital wants to deploy whatever solution I come up with here, the hotel is supportive. One person can literally kill the connection, to the point you can't load google. This is not a question of policing, its a question of making wireless usable at all.
I actually already have complained. See this post I've been living in this hotel for the past 7 months and they know they have a problem and are powerless to fix it. They know one or two guests ruin the connection for everybody, but their outsourced wireless provider isn't fixing things. The Hospital has the same problem. Both are supportive of the idea of interrupting the bandwidth hogs to use the connection. (I actually consult for the Hospital security dept, they can't get the outsourced wireless provider to do anything about it, and would like to deploy whatever solution I come up with.)
I concur, I'm not trying to be an asshat as well, its just that one person is ruining the wireless for the 40 or so others trying to use it.
see here
Its not about priority, it's just a demonstration of the same issue. The ping time to the second hop gets as high as 3000ms due to bandwidth saturation.
I live in a hotel every weekday for the last seven months and have asked the hotel about the bandwidth problem, and they are supportive of this approach. They know one or two guests are ruining the internet access for everybody, and wish they could do something about it. Since it is a corpoarte big chain hotel they do not have the ability to implement their own solution seperately.
What you find many times if you talk to a Hotel Manager or Coffee shop owner they realize it is a problem and have no way to deal with it. They will tell you they wish they had an easy way to throttle these people, without investing in things like inline IPS / bandwidth management.
Most of my clientel is small city midwest, and EVDO is not an option.
At the hospital I am at today the IT security people think it is a great idea. Since they outsource their wireless management and the provider refuses to deal with it, they think using a wireless IPS like solution to limit hogs is their only way to fix it.
I came up with the idea to ask slashdot after talking to my Hospital client and the manager of the hotel I normally stay at. Abusing the network by eating all the bandwidth is not someones right, and not all wireless providers are capeable of ensuring equitable wireless access.
Gameplay HD is a fulltime game channel. It comes on Dish Network's MPEG-4 HD package and is one of the old Voom channels. It tends to follow one person's screen a few minutes at a time. And it is excruciatingly boring. You tend to get shows with CS, Quake 4 and Starcraft commentary, including Tournaments. I thought the idea was cool till I saw it. G4 is better, but that's certinally faint praise.
Sure there is. It's made from Seaweed and called Carageenan instead. That is what Royal brand "Gelatin Desert" uses, as does my bag of veggie marshmallows. It's sold as Kosher / Halal gelatin even.
I acknowledged this error here. Sorry. My actual point was that the Torah pre-dated the Bible, in response to the two "Duh, it's Biblical!" comments I got.
I confused Talmud and Torah, Your right.
Hint: Christianity is based on an older religion that this law comes from.
Slashdot may be US centric, but rarely Christianity centric.
Umm, the GP souced something older than the bible, the Mosaic code, as in Jews.
I can't personally comment on that, since I went through both groups moving where they wanted apache installed. (Freebsd 2 or 3 years ago, debian before that) Freebsd is extremely LSB based, debian had a few "debianism's". Neither is as bad as the whole opt thing is Solaris though.
I use pkg_cutleaves, that way I can remove ports I no longer want as well as the unneeded dependencies they leave behind.
If you like Debian's package repository, you'd love Freebsd's ports repository. Nothing comes close. I've admin'd debian, solaris, freebsd and redhat in production, and I've played with fink on OSX, and Gentoo's portage. Freebsd ports is hands down the easiest to administer in a production environment, once you get a proper supfile and update scripts set up.
/usr/ports
/usr/ports/UPDATING before running your portupgrade.
The following isn't intuitive, but it works:
Install cvsup-without-gui and portupgrade, then run:
cvsup standard-supfile
pkgdb -F
cd
make fetchindex
portsdb -u
portupgrade -aRru
For a supfile I use (If you are not managing your own repository):
*default host=cvsup13.FreeBSD.org
*default base=/usr
*default prefix=/usr
*default release=cvs tag=RELENG_6_1 delete use-rel-suffix compress
src-all
ports-all tag=.
I know I am needlessly tracking src with every update, but if a kernel patch is released my src is up to date.
Note: always read
I stand corrected.
However, for the Great grandparent's posts purposes, it is argued that sports look better in progressive scan opposed to the flicker of interlacing. (See question two in the first link)
http://reviews.cnet.com/4520-6449-6361600-1.html
http://www.avsforum.com/hdtvfaq/HDTV-FAQ.htm