Files created by a "make install" usually don't have any way to cleanly remove or upgrade them; you can upgrade by installing a new version over the old, but if the old version included any files that were removed in the new version, you still have that cruft sitting around.
That's why you use something like Epkg to manage symlinks into/usr/local/whatever. Simply add a
--prefix=/usr/local/encap/package-version
to your configure command, build and install as usual, and use epkg to manage which version actually shows up in/usr/local. You can even try the new version out from/usr/local/encap/package-version without removing the old version until you're ready.
What happens when the number of addresses available in 192.168 or 10. runs out? If we continue to move toward embedded devices with IPs, more computers, more servers, more , it's not that unlikely that a corporate NAT would get filled up. What do you do then? Start NATing the NAT? Each person gets their own NAT box and a single 10. address that then gets NATed to a single corporate address?
I guess the solution then is to switch to an IPv6 NAT... but then why not just switch to IPv6 and not have to worry about NATs anymore? If you want a NAT for the security features, go ahead, but if you use NAT just because you can't afford/don't have anymore IPs, then IPv6 is better.
Usually when a machine is trojaned, it communicates with the trojan creator actively, meaning it connects to an IRC channel, sends an email, somehow communicates on it's own. Most trojans would not be affected by an inbound firewall block since they would still be able to connect to the controller.
It would not be that difficult to modify a trojan that gets it's commands through an IRC channel to send a spam through that same channel.
Slashdot Mirror
I'll wager Gentoo will have it first ;)
Yeah, but by the time you're done building it, FC2 will be released.
What happens when the number of addresses available in 192.168 or 10. runs out? If we continue to move toward embedded devices with IPs, more computers, more servers, more , it's not that unlikely that a corporate NAT would get filled up. What do you do then? Start NATing the NAT? Each person gets their own NAT box and a single 10. address that then gets NATed to a single corporate address?
I guess the solution then is to switch to an IPv6 NAT... but then why not just switch to IPv6 and not have to worry about NATs anymore? If you want a NAT for the security features, go ahead, but if you use NAT just because you can't afford/don't have anymore IPs, then IPv6 is better.
Usually when a machine is trojaned, it communicates with the trojan creator actively, meaning it connects to an IRC channel, sends an email, somehow communicates on it's own. Most trojans would not be affected by an inbound firewall block since they would still be able to connect to the controller.
It would not be that difficult to modify a trojan that gets it's commands through an IRC channel to send a spam through that same channel.