How about: ...replaced 32 computer servers, based on the time-tested Unix operating systems, at an average cost of $50,000 each, with 40 Linux servers, at $3,000 a pop.
Going by their math - a brand new $3,000 x86 Linux machine will run rings around a $50,000 1993-vintage SPARCServer 1000 (which goes for around $200-$300 today.) And my handheld solar calculator has more computing power than a room full of 1960's-era big iron.
Large-format plotters are few and relatively expensive
Uhh.. no. Large format plotters are produced en masse and range anywhere in price from $1500 to, like you say, $100,000. Plus, it really depends on what the architects are doing with the plotter. We didn't get this information from the submitter, but architects use plotters for generally either layouts/details, which are simple line drawings, or renderings, which are full color high-resolution plots. I suspect most firms use primarily the former. If the submitter worked for a large firm that did spend "$100,000 on a plotter" he probably wouldn't be asking Slashdot for help finding a cheap solution. However, he's obviously working with an HP plotter and, to my knowledge, HP doesn't make the really high-end plotters.
The place is called Comprenew. They are located just North of Grand Rapids, Michigan. On their website, they don't have the really low-end (cheap) stuff. If you go to the PCTC link on their site, it will give you an idea, however. The place itself is just a warehouse full of equipment that companies wanted to get rid of. There's some very unique stuff there. It's fun just to look around and see some of the obscure items they have. The cheap laptops aren't listed on the website because they only get one of each item usually, but if you talk to the people there, they might be willing to ship you one; N.B. everything there is strictly as is, although if you go there you can try anything out.
I know of a place where they have scads of 486 laptops for $5-$10. You can't get a Dreamcast for that cheap, much less the Broadband Adapter (NIC). You can get a PCMCIA NIC to go with your 486 notebook for $10. Besides, either way you have to get the hardware in the door. Neither the DC nor a laptop is small enough to conceal when you're walking through the front door, but wouldn't you think carrying a Dreamcast into a company would attract attention, if not suspicion? Laptops are everywhere, and nobody will bat an eyelash if you're carrying one.
I have ATTBI with a dynamic IP and I just use ddclient to update my dyndns.org account. In practice, my IP doesn't change, but I put ddclient in my crontab for once a week, to keep my dyndns account active. As far as I can tell, the only time you'll get a new IP is when your MAC address is changed. I recently switched some hardware, and I got a new IP. ddclient updated dyndns, and almost immediately my dyndns domain resolved correctly.
When you log in to the FTP site, it says SunOS 4.1. This is SunOS, not Solaris. IIRC any version of Solaris is identified as SunOS 5.x. So the question is, how secure is this antique OS?
Do you understand English? You and the OP are going around in circles. Neither the binary nor source native OpenBSD versions of OpenSSH were trojaned. This is consistent with the article, and I just checked the actual source tarball myself. Oh, and by the way, this has nothing to do with the default install :)
How can speaking the truth be termed "being some kind of egotistical openbsd-zelot?" The compromised tarball is for OpenSSH Portable, you nitwit. The OpenSSH binaries for OpenBSD 3.1 are in the distribution *.tgz files. These are not compromised, therefore, the claim on www.openbsd.org stands. Furthermore, the source code tarball of the OpenBSD version of OpenSSH was not compromised either. These tarballs are used to upgrade OpenSSH on an OpenBSD system, so they have nothing to do with a default install. However, since it is the portable version that was compromised, other OSs that use said tarball may have "a remote hole in the default install."
This guy is talking about embedded controllers that talk SMB. He's not talking about building a Linux box, or any type of *nix box at all. NFS doesn't enter the picture either, much less performance issues. He seems aware of any and all performance issues, since he's using old drives that are sitting on the shelf. The point is, how well do those embedded SMB/drive controllers work?
Actually, they've been around for a long time. Titanium dome tweeters have typically had an extended ultrasonic frequency range, with resonances in the (IIRC) 50KHz range. Some people say that titanium domes have a "harsh" sound, and they cite this as the reason. A lot of work has been done with crossovers to combat these resonances - even though they are well above accepted human audibility, they are such huge spikes that they can be problematic.
Certainly, speakers (especially computer speakers) vary greatly in their ability to produce ultrasonic sounds. Speakers with a single full-range cone driver (quite common) will be very limited, while 2-way or 3-way speakers, usually with a 1/2"-1" dome tweeter, will be more adept at producing ultrasonic sound. My main concern is that with low quality speakers, in order to get a high enough level of the ultrasonic sound, the audible range might need to be excessively loud. In regard to the article's mention of headaches, I'm not surprised. Most speakers would likely produce subharmonics of the ultrasonic frequencies, due to resonance/distortion. In other words, if the main frequency is e.g. 40KHz, a subharmonic of e.g. 20KHz may be emitted, which is just at or above human audible frequencies and may be rather annoying.
How often would this happen? It's sort of a novel idea, say if you're just learning about the fundamentals of security and networking, but if you're frequently getting cracked by kiddies, maybe you should take a deeper look at what you're doing right and wrong.
Actually, I was referring to "correct" as in the full proper name. I don't know Jack Squat about linguistics and I'll agree with you that languages evolve, but a proper name is a proper name (unless there's a caveat about that, too.) One could make the same argument about e.g. Coca-Cola. Everybody calls it Coke, but technically the proper (correct in my terms) name of the product is still Coca-Cola. Just as the author of the parent post, someone with an interest in Coca-Cola might say that the ...shortened form [Coke] is still reviled today...
You're right, anything can happen and does happen, but that doesn't mean it's correct, however petty or semantic. The parent was noting how the now commonplace (even accepted) shortening of the name isn't grammatically/historically correct. You may not agree with his insistence on correctness, but you can't say he's wrong.
Re:Anyone know anything more about this? on Triangle Boy Lives · Score: 1
Your statement is true, but irrelevant to what we are talking about. The spoofed packets that will be arriving on the external interface will be from valid external hosts, presumably arriving as part of an existing TCP connection, not spoofed to be from your internal network. Like I said, if you have a stateful firewall and nothing looks fishy, this (spoofed) return traffic will be allowed back in.
Re:Anyone know anything more about this? on Triangle Boy Lives · Score: 3, Informative
Quoting the article: ... returns the requested page directly to the client browser, "spoofing" the origin address so that it appears to come from the Triangle Boy host.
Unless I'm reading this wrong, or the author of the article doesn't know what they're talking about, the spoofing occurs outside of your network. Apparently, Triangle Boy knows that Safeweb IP addresses will be blocked by some firewalls or filtering software, so the return traffic from Safeweb (e.g. viewing web pages) is spoofed to the IP address of the Triangle Boy host. It's not like clients inside your network are spoofing their source addresses. If that were the case, you would be right and any decent firewall ruleset would block such activity.
I know at least my firewall would block that
Your firewall would block address spoofing from the inside, but not from the outside like in this case. I don't know the details, but I would think that the spoofing on Triangle Boy's part would have to take into account issues like TCP state and TCP sequence numbers to work properly, and IF these issues are taken care of, nothing would look suspicious to your firewall.
FreeBSD is my top choice for a desktop Unix-like system. In my experience, it's "snappier" performance-wise than any other Unix or Unix-like system I've used.
...something of a Linuxy bloat...
Hardly; even with full source code + the ports collection installed, it only consumes about 700MB IIRC. OpenBSD does have a very small footprint, while still being very complete, but FreeBSD isn't that far off. Besides, for all of the utilities installed, there is one and only one version installed. I've seen plenty of Linux distributions with 3 versions of application foo and 3 versions of application bar installed - what's the point?
pain the butt to get the thing installed... horrors of getting it installed...
In my experience, installing Debian is actually extremely straightforward. It takes you through the process step-by-step, with help available all along the way. The only problem I've ever had with Debian turned out to be a hardware problem anyway. It's been said before, but any time spent developing a "pretty" installer detracts from development of the OS itself. Plus, honestly the Unix proficiency necessary to do REAL work on any Unix-like system far surpasses that required to merely install the OS. Mandrake is geared towards people who are just starting out with Linux, and it's good for those folks, but people with more experience are typically turned off by some of Mandrake's aspects. Debian is geared towards those with more experience, and it too is good for that crowd, so it doesn't have to be as easy to install. And how often do you need to install the OS anyway?
HP has been quite supportive in the development of the HPPA Linux port, but with rumors abounding of the possible demise of the PA-RISC platform, what might the effect be on this Linux port? On the other hand, I also wonder if HP's strong support for PA-RISC Linux may indicate their intention to keep PA-RISC around. Just some questions to ponder...
Uhh... these machines already have Mandrake installed; RTFA(ad). Therefore, whether an arbitrary Linux distribution is difficult to install is irrelevant. Regarding the "bravery" bit, Wal-Mart has apparently deliberately chosen not to devote any store real-estate to these PCs, so a manager would have to be "brave" to waste space by setting up one of these machines in the store.
Right, sounds like they Slashdotted the satellite. Maybe (?) not very skillful, but interesting anyway. As referenced (not quite correctly) in the headline, this is similar to the Captain Midnight incident; he just turned up the power until his rogue signal overcame the legit signal. Does anyone know how powerful a transmitter it takes to pull off something like this? Captain Midnight (IIRC) already had the equipment at his disposal, so the power wasn't an issue, but how about for amateurs like this case?
Gee, thanks for the tip. So when someone is in the market for a sporty car, you can chime in and say "why don't you just try a Ferrari."
VNC tunneled over SSH is nice. Works over slow links, too.
Couldn't have said it better myself. I knew Coke was a bad example when I looked at a can and saw "Coke."