Okay, this has got to one of the most pointless slashdot stories ever.
One, he is sniffing with a crappy piece of software that is barely a sniffer. Secondly, unless he has that XP system he claims is a Vista system, monitoring a HUB, not a switch, that the Vista machine's traffic has to go thru, he isn't sniffing anything relevant. Last, this is pointless paranoia.
You want to see more of your "government conspiracy traffic?" Find someone at an ISP to help you, as you will need a piece of public IP address space. Route it to someplace where you can monitor all the traffic destined to it, and plug nothing into that segment of your network. It just has to exist, and be publicly accessible. It goes nowhere, has no devices in it, it just exists. Then turn your sniffer on, and watch the botnet traffic fly by. Yeah, you will see attacks coming from everywhere, nowhere to go, and still they scan like crazy. And yes, you will see it come from DoD address space too, heaven for-fucking-bid.
Oh, and when do your sniffing, use a real sniffing tool. Then you can tell us what kind attacks the scary US government is mounting against its most paranoid citizens.
The door swings the other way too, I work for an ISP, and we get calls from customers who are having problems with voip. The voip carrier always tells it is an issue with their ISP. It invariably turns out that they need to forward some ports on their router, or actually plug the fucking device in correctly, but they want us to talk their customer through fixing what is an issue with their service, but for some reason, they see fit to blame us.
My policy for voip on our network: you can use it, it is not against our terms of service, we will do nothing to interfere with your service, but we will not guarantee that it will work, nor will we support it. If your internet is working, you have no reason to call me and say that I am somehow causing a problem with your voip service, I am not going to do some other company's end user support.
yes, there are a lot of tech guys who specialize in one very specific thing, and they are all the same. They all act like they are the end all be all of their particular discipline, and that their chosen technology is something that everyone needs. They tend to have a very narrow world view, be very rigid in both skill set and personality, and.... assholes.
Oh, and they are always full of stories about old deployments, that are usually long gone, like their usefulness.
Riiiight, wireless carriers less reliable than land lines? I have some news for you, they all suck. For starters, at least in this area, the lines in the ground are usually 60+ years old, and the LECs (this is Ohio, we have.... roughly 5 million different local exchange carriers) show no sign of planning to replace any lines. If you have line noise, they send a guy out, he plugs in at the demarc, hears noise, cuts you to a spare copper pair. If you call back six months later with another problem, there is a good chance some guy will cut you back to the original pair. Call again, more useless dodging the actual issue, ad nauseum. Then there is the problem running a phone switch, which Sprint United/Embarq/whatever the hell they are called these days seems to be particularly adept at. We regularly get irate calls from customers who tried to call us from their land line, only to be informed that we are "not accepting calls." Not a problem on our end, not a problem with our carrier, just a standard sprint error when a customer tries to call outside sprint's local calling area on a day when their switch techs have forgotten what a phone is for. Sprint has caused this issue twice in the past year alone, Verizon North has a similar issue they like to cause whenever my life is a bit too simple. My point is, this whole, "wireless is less reliable because it doesn't go over a wire" is just annoying nonsense. It is all unreliable crap, pick your poison, and enjoy it, but stop kidding yourself with this belief that land lines are somehow magically more reliable than their wireless counterparts. Each carrier has managed to find some aspect of their network that is just god awful, be it line provisioning issues, frequency conflicts, or the ever popular incompetent guy running the switch problem, something about them all sucks ass.
Also don't let the channels overlap like they do with 802.11b
Yes they do.
802.11anything is poorly suited for broadband delivery. It was designed for roaming around your home or office with a laptop, and performs steadily worse the more customers you add to the access point. Omni directional antennas tend to have problems with the "invisible neighbor," which is a well known 802.11 problem that occurs when two client radios off the same AP cannot see each other, and as a consequence do not receive "clear to send" packets with any reliability, and end up transmitting at the same time. Even sectorized radios with long range customers eventually develop the problem. The timing used for 802.11 is completely useless, allows one radio to monopolize most of the timing slots without any special tweaks, it just happens.
The beauty of 802.11b is that the power is low enough that the spectrum can be used by many people at once.
Yeah, that is why I can't use 2.4 ghz band for anything, because 802.11 is noisy in its own little tiny voice way, there is a shitload of it deployed, and there are a dozen wisps in every city who seem to think that the solution to all the problems they are experiencing with 802.11 for long range delivery is "more power!" Yeah, people amp the living hell of of their gear, which causes more problems when their competition has to amp their gear to compensate, so they amp their client side radios, more problems, competition amps their clients, more problems, I could go on and on.
2 - Routed - the router daemon that, in some shape, form or fashion, runs probably 90% of the internet. Without routers to move the traffic, the rest of it just a moot point
You are kidding right? You don't actually think that routed runs anything major do you? For starters, unix systems are not routers, they can be used as such, I use one at home. But for a backbone connection with millions of packets per second, they are a poor choice. They cannot keep up with a good cisco or foundry router.
Next, routed implements RIP, an interior routing protocol, for use within one AS, you _never_ use RIP for external routes to other networks, that is where BGP comes into play. Might I also mention that RIP is an ancient interior routing protocol, with serious limitations that make it a poor choice for all but the simplest networks. Most modern networks run on OSPF for internal routing, RIP is just pathetic.
I don't know anyone who still uses routed for anything serious, and certainly not the 90% figure you made up. I doubt it accounts for 1% of 1% of all routed traffic. It is just an old bat that has fallen by the wayside. Even networks that still use RIP for a segment or all of their interior routing use a better implementation of RIP than the one in routed.
If you want to use a UNIX system for a router, I suggest you look into OpenBSD's OpenOSPF and OpenBGP.
So far, I am digging the new look, very easy on the eyes.
So, here is what I do, why I do it, and what I wanted that doesn't seem to exist.
I check my mail from thunderbird, webmail, and mutt. So, using the incoming message filters to sort mail is not a good option. I use procmail for that. But, I would like to make use of the message filters to assign tags to certain letters. But, as far as I can tell, they are only automatically run for the inbox, other folders must have the filters run manually. Cause yeah, I want to do that. Am I wrong? Can this be done?
The improved tagging is very nice, now, let me automatically tag all my messages in all my folders and it will be damned near perfect.
Tomorrow we will be seeing the top 10 slashdot top ten stories on the front page!
Really, how many top ten, bottom ten, best of, and worst of lists have we had in recent memory? Seems like I see a new one or two every day, getting a little ridiculous. Sure, the occasional top ten list is funny, but they are rarely newsworthy.
This is a whole lot different than what most sites do. Notice how you type www.slashdot.org in, but end up at slashdot.org? Yeah, the line "HTTP/1.x 301 Moved Permanently" means they redirect you away from the www, probably because a lot of us think the www is stupid.
Most sites are configured to accept either the www.domain, or just the domain. Slashdot is not one of them.
Plain ol' OpenBSD for small business? I guess you want to by the guy they call any time they want to make a change? I usually recommend Netscreens for regular firewalls.
I never said 'Plain Ol' OpenBSD', that was your assumption. Web front ends are trivially easy to write for such tasks. I have a standard flash image I burn to 512 CF cards, show the customer how to access it from the LAN, and collect my fee. I almost never get called back until the customer thinks they need "my" newest version, which is the latest stable build of OpenBSD, with patches applied, and my web interface, latest tweaks and all, thrown on top.
Really not hard to design a solid product that is easy enough for even the "office guy who knows computers" to use.
Well, cisco has never had much of the home office market, but they do have a presence in the small office with the smaller pix models. But the earlier WRT54G models were very stable, and had built in VPN functionality, which many believe lead to Cisco neutering that line, so it wouldn't cut into PIS sales.
But you are right, consumer grade routers are pure crap. Why I recommend Soekris boards with OpenBSD for small businesses.
Have you actually bought a Linksys product lately, CISCO killed their good name. The quality different between a Linksys WRT54Gv4 and v5 is amazing. One is a solid router, the other is better used as a paper weight.
All in the name of protecting Cisco's SOHO marketshare from rock solid consumer grade products.
Glad to see the world is still convinced that universal broadband is a) cheap, and b) a right. Got news for you, it is neither, and this bill is such a complete and utter waste of time. Want to know why you can't get broadband? Because you live in the middle of nowhere! Here is how it works.
DSL only goes so far along the copper wire from the DSLAM in the phone company central office. If you are past 11-12000 feet, you can kiss ADSL goodbye, past 18000 ft, you can forget about SDSL. If you live further than that, no amount of, "we are expanding into your area" is going to happen. Unless the LEC builds a new CO, closer to you, and has all of your copper terminate there instead of the old place, then, you might be able to get DSL. But for the most part, if you can't get DSL now, you can't get DSL ever.
Cable costs thousands of dollars to grant access to an entire street, whether it has houses on it, or not. Generally, cable companies, in this area at least, have always been willing to build out for any customer with the cash in hand. If it is rural, they want you to help cover the installation cost. Buckeye Cable in NW ohio generally says, "if it is not a densely populated area for us, we need $10,000 up front to guarantee a return on our investment." Heaven forbid they make money, heaven forbid they not build out for one customer, at huge expense to themselves, so they can earn 69.95/month for basic cable and inet service off of one, maybe two customers.
If you live in the middle of nowhere, either find a solid WISP, fork over the cash for expensive telecom, or quit your bitching. It is not the faceless phone company's fault that you can't get the same internet as someone in the burbs can. No amount of putting all this data on a map is going to change any of this.
I call bullshit, end users don't RTFM regardless of the OS and they are just as incapable of operating a windows based system, as they are a Linux one. I got news for you, when they can't figure something out, who do they call? Their fucking ISP. Yes folks, when you can't figure out how to operate your scanner, call your ISP, it happens all the time.
I guess that is what I get for providing English speaking service and almost no hold time. But seriously, what difference would it really make? They'd get about the same number of calls from morons, and I would get the rest.
Wait, why am I arguing this? I could care less if Dell offers Linux on its PCs. For starters, I could install it if I want, and more importantly, I don't give a flying fuck what anyone else runs, just don't make _me_ run windows. I may not care, but it is still a load of crap, Dell's tech support is crappy on purpose, it encourages them to call me, because I am easier to talk to.
I have a DNS record for the myspace.com, which directs all queries to an internal IP address, which my apache web server answers with an ever rotating, badly written excuse of a massive internal myspace calamity. No one buys it, but no one gets to myspace from my network either. Just have your DNS server answer queries for myspace.com and anything under it as if it has authority to do so, do whatever ya want at that point. Just make sure you force your users to use your DNS server, lest they start using one from your ISP and get right around this. I suppose you could work around it by accessing myspace in a way other than myspace.com, but I would venture a guess that for every myspace user that knows how to do that, there are two hundred who don't.
You notice any trends, start seeing lots of people going to www.gettomyspaceatwork.com, do the same thing for that.
What would be cool is a route list of social networking sites IP addresses, advertised like route servers advertise BGP bogons. Null route it at the IP level, and not have to maintain the bastard by hand for every time one of them gets a new allocation of addresses from ARIN.
No, I am mostly embarressed about my connection to that hellhole as you are. Speaking out would mostly annoy me, and that is enough to make me not care that much anymore. The higher ups in ITS at that place are the lowest forms of life I have ever had to deal with. My skin crawls with the thought of being near them, so I won't.
Fear has nothing to do with it, but it will end up giving me a headache for 2 days straight, and it just isn't worth the effort. Some of us are so sick of that university, that we don't want to even think about any new tales of 100% grade A idiocy, with a healthy dose of retro grade evil thrown in, it just makes our heads hurt.
But I will say this, 'Hey Strick, if you are reading this, a talk on network security should _not_ be 45 minutes of you saying, "Well, we noticed a student doing something suspicious, so we called the FBI.... and then this other time.... we contacted the FBI...... FBI...... FBI" You don't know dick about security, never will, your idea of proactive security is to arrest any student who runs traceroute across your fine, fine stupernet.'
I attended said university, I know Paul very well. I still run into him in town occasionally, and I will be sure to shake his hand for this.
I could say a lot of BAD things about *university* ITS, but I'd probably get me in far more trouble than it is worth to say them out loud. I am not there anymore, they don't effect me. I will just be happy that Paul is still the fine individual I have always looked up to.
I work for an ISP, so I see lots of networks. We provide transit for a few auto dealerships, and they all seem to like using thin clients, as they take up less room, make less noise, and are easy to monitor. For some odd reason, auto dealers seem to watch their employees like they are hawks. We service about 4 dealerships, and they all work this way.
We provided transit service for a political party this past election, won't say who, suffice to say they never paid their bill and are being sent to collections..... They used a few thin clients.
And my favorite, is a data processing company that has never migrated away from the dumbest of dumb terminals. They have those old IBM clients that you used to see in airports. They expect some proprietary IBM serial proto over a 56k leased line. We set up their network using DSL at two locations, and a VPN to cut down on the costs of the 8 or so leased lines they were getting. The connection is priceless.
It is proprietary serial proto, encapped in IP traffic, which is carried over SDSL which is carried over ATM.... oh, and a VPN in there somewhere too. All that, to get 8 dumb terms from the remote office, to the main office, where the AS400 lives.
All because they didn't want to upgrade. Somehow, it has yet to break.
Slashdot Mirror
Okay, this has got to one of the most pointless slashdot stories ever.
One, he is sniffing with a crappy piece of software that is barely a sniffer. Secondly, unless he has that XP system he claims is a Vista system, monitoring a HUB, not a switch, that the Vista machine's traffic has to go thru, he isn't sniffing anything relevant. Last, this is pointless paranoia.
You want to see more of your "government conspiracy traffic?" Find someone at an ISP to help you, as you will need a piece of public IP address space. Route it to someplace where you can monitor all the traffic destined to it, and plug nothing into that segment of your network. It just has to exist, and be publicly accessible. It goes nowhere, has no devices in it, it just exists. Then turn your sniffer on, and watch the botnet traffic fly by. Yeah, you will see attacks coming from everywhere, nowhere to go, and still they scan like crazy. And yes, you will see it come from DoD address space too, heaven for-fucking-bid.
Oh, and when do your sniffing, use a real sniffing tool. Then you can tell us what kind attacks the scary US government is mounting against its most paranoid citizens.
The door swings the other way too, I work for an ISP, and we get calls from customers who are having problems with voip. The voip carrier always tells it is an issue with their ISP. It invariably turns out that they need to forward some ports on their router, or actually plug the fucking device in correctly, but they want us to talk their customer through fixing what is an issue with their service, but for some reason, they see fit to blame us.
My policy for voip on our network: you can use it, it is not against our terms of service, we will do nothing to interfere with your service, but we will not guarantee that it will work, nor will we support it. If your internet is working, you have no reason to call me and say that I am somehow causing a problem with your voip service, I am not going to do some other company's end user support.
yes, there are a lot of tech guys who specialize in one very specific thing, and they are all the same. They all act like they are the end all be all of their particular discipline, and that their chosen technology is something that everyone needs. They tend to have a very narrow world view, be very rigid in both skill set and personality, and.... assholes.
Oh, and they are always full of stories about old deployments, that are usually long gone, like their usefulness.
Old Netware guys are the worst.
Riiiight, wireless carriers less reliable than land lines? I have some news for you, they all suck. For starters, at least in this area, the lines in the ground are usually 60+ years old, and the LECs (this is Ohio, we have.... roughly 5 million different local exchange carriers) show no sign of planning to replace any lines. If you have line noise, they send a guy out, he plugs in at the demarc, hears noise, cuts you to a spare copper pair. If you call back six months later with another problem, there is a good chance some guy will cut you back to the original pair. Call again, more useless dodging the actual issue, ad nauseum. Then there is the problem running a phone switch, which Sprint United/Embarq/whatever the hell they are called these days seems to be particularly adept at. We regularly get irate calls from customers who tried to call us from their land line, only to be informed that we are "not accepting calls." Not a problem on our end, not a problem with our carrier, just a standard sprint error when a customer tries to call outside sprint's local calling area on a day when their switch techs have forgotten what a phone is for. Sprint has caused this issue twice in the past year alone, Verizon North has a similar issue they like to cause whenever my life is a bit too simple. My point is, this whole, "wireless is less reliable because it doesn't go over a wire" is just annoying nonsense. It is all unreliable crap, pick your poison, and enjoy it, but stop kidding yourself with this belief that land lines are somehow magically more reliable than their wireless counterparts. Each carrier has managed to find some aspect of their network that is just god awful, be it line provisioning issues, frequency conflicts, or the ever popular incompetent guy running the switch problem, something about them all sucks ass.
Yes they do.
802.11anything is poorly suited for broadband delivery. It was designed for roaming around your home or office with a laptop, and performs steadily worse the more customers you add to the access point. Omni directional antennas tend to have problems with the "invisible neighbor," which is a well known 802.11 problem that occurs when two client radios off the same AP cannot see each other, and as a consequence do not receive "clear to send" packets with any reliability, and end up transmitting at the same time. Even sectorized radios with long range customers eventually develop the problem. The timing used for 802.11 is completely useless, allows one radio to monopolize most of the timing slots without any special tweaks, it just happens.
Yeah, that is why I can't use 2.4 ghz band for anything, because 802.11 is noisy in its own little tiny voice way, there is a shitload of it deployed, and there are a dozen wisps in every city who seem to think that the solution to all the problems they are experiencing with 802.11 for long range delivery is "more power!" Yeah, people amp the living hell of of their gear, which causes more problems when their competition has to amp their gear to compensate, so they amp their client side radios, more problems, competition amps their clients, more problems, I could go on and on.
You are kidding right? You don't actually think that routed runs anything major do you? For starters, unix systems are not routers, they can be used as such, I use one at home. But for a backbone connection with millions of packets per second, they are a poor choice. They cannot keep up with a good cisco or foundry router.
Next, routed implements RIP, an interior routing protocol, for use within one AS, you _never_ use RIP for external routes to other networks, that is where BGP comes into play. Might I also mention that RIP is an ancient interior routing protocol, with serious limitations that make it a poor choice for all but the simplest networks. Most modern networks run on OSPF for internal routing, RIP is just pathetic.
I don't know anyone who still uses routed for anything serious, and certainly not the 90% figure you made up. I doubt it accounts for 1% of 1% of all routed traffic. It is just an old bat that has fallen by the wayside. Even networks that still use RIP for a segment or all of their interior routing use a better implementation of RIP than the one in routed.
If you want to use a UNIX system for a router, I suggest you look into OpenBSD's OpenOSPF and OpenBGP.
So far, I am digging the new look, very easy on the eyes.
So, here is what I do, why I do it, and what I wanted that doesn't seem to exist.
I check my mail from thunderbird, webmail, and mutt. So, using the incoming message filters to sort mail is not a good option. I use procmail for that. But, I would like to make use of the message filters to assign tags to certain letters. But, as far as I can tell, they are only automatically run for the inbox, other folders must have the filters run manually. Cause yeah, I want to do that. Am I wrong? Can this be done?
The improved tagging is very nice, now, let me automatically tag all my messages in all my folders and it will be damned near perfect.
Tomorrow we will be seeing the top 10 slashdot top ten stories on the front page!
Really, how many top ten, bottom ten, best of, and worst of lists have we had in recent memory? Seems like I see a new one or two every day, getting a little ridiculous. Sure, the occasional top ten list is funny, but they are rarely newsworthy.
I am aware of the definition.... it also happens to take exactly one year, just like I said, "It is a year"
I was making light of the fact that the original poster seems to think that a year, and a light year are different in terms of time passed.
>>Firefox 2 is years ahead of IE7. Firefox 3 will be light years ahead
>Um, Dude - a light year isn't a measure of time.
Sure it is, its a year!
s/in case/in ANY case/g
Don't drink and
Yes this is true, the www does indeed kill the joke, but the www is still very stupid in case.
This is a whole lot different than what most sites do. Notice how you type www.slashdot.org in, but end up at slashdot.org? Yeah, the line "HTTP/1.x 301 Moved Permanently" means they redirect you away from the www, probably because a lot of us think the www is stupid.
Most sites are configured to accept either the www.domain, or just the domain. Slashdot is not one of them.
Doi, I know how to use slashdot: http://slashdot.org/comments.pl?sid=228319&cid=185 27277
I never said 'Plain Ol' OpenBSD', that was your assumption. Web front ends are trivially easy to write for such tasks. I have a standard flash image I burn to 512 CF cards, show the customer how to access it from the LAN, and collect my fee. I almost never get called back until the customer thinks they need "my" newest version, which is the latest stable build of OpenBSD, with patches applied, and my web interface, latest tweaks and all, thrown on top.
Really not hard to design a solid product that is easy enough for even the "office guy who knows computers" to use.
Well, cisco has never had much of the home office market, but they do have a presence in the small office with the smaller pix models. But the earlier WRT54G models were very stable, and had built in VPN functionality, which many believe lead to Cisco neutering that line, so it wouldn't cut into PIS sales.
But you are right, consumer grade routers are pure crap. Why I recommend Soekris boards with OpenBSD for small businesses.
Have you actually bought a Linksys product lately, CISCO killed their good name. The quality different between a Linksys WRT54Gv4 and v5 is amazing. One is a solid router, the other is better used as a paper weight.
All in the name of protecting Cisco's SOHO marketshare from rock solid consumer grade products.
Glad to see the world is still convinced that universal broadband is a) cheap, and b) a right. Got news for you, it is neither, and this bill is such a complete and utter waste of time. Want to know why you can't get broadband? Because you live in the middle of nowhere! Here is how it works.
DSL only goes so far along the copper wire from the DSLAM in the phone company central office. If you are past 11-12000 feet, you can kiss ADSL goodbye, past 18000 ft, you can forget about SDSL. If you live further than that, no amount of, "we are expanding into your area" is going to happen. Unless the LEC builds a new CO, closer to you, and has all of your copper terminate there instead of the old place, then, you might be able to get DSL. But for the most part, if you can't get DSL now, you can't get DSL ever.
Cable costs thousands of dollars to grant access to an entire street, whether it has houses on it, or not. Generally, cable companies, in this area at least, have always been willing to build out for any customer with the cash in hand. If it is rural, they want you to help cover the installation cost. Buckeye Cable in NW ohio generally says, "if it is not a densely populated area for us, we need $10,000 up front to guarantee a return on our investment." Heaven forbid they make money, heaven forbid they not build out for one customer, at huge expense to themselves, so they can earn 69.95/month for basic cable and inet service off of one, maybe two customers.
If you live in the middle of nowhere, either find a solid WISP, fork over the cash for expensive telecom, or quit your bitching. It is not the faceless phone company's fault that you can't get the same internet as someone in the burbs can. No amount of putting all this data on a map is going to change any of this.
I call bullshit, end users don't RTFM regardless of the OS and they are just as incapable of operating a windows based system, as they are a Linux one. I got news for you, when they can't figure something out, who do they call? Their fucking ISP. Yes folks, when you can't figure out how to operate your scanner, call your ISP, it happens all the time.
I guess that is what I get for providing English speaking service and almost no hold time. But seriously, what difference would it really make? They'd get about the same number of calls from morons, and I would get the rest.
Wait, why am I arguing this? I could care less if Dell offers Linux on its PCs. For starters, I could install it if I want, and more importantly, I don't give a flying fuck what anyone else runs, just don't make _me_ run windows. I may not care, but it is still a load of crap, Dell's tech support is crappy on purpose, it encourages them to call me, because I am easier to talk to.
I have a DNS record for the myspace.com, which directs all queries to an internal IP address, which my apache web server answers with an ever rotating, badly written excuse of a massive internal myspace calamity. No one buys it, but no one gets to myspace from my network either. Just have your DNS server answer queries for myspace.com and anything under it as if it has authority to do so, do whatever ya want at that point. Just make sure you force your users to use your DNS server, lest they start using one from your ISP and get right around this. I suppose you could work around it by accessing myspace in a way other than myspace.com, but I would venture a guess that for every myspace user that knows how to do that, there are two hundred who don't.
You notice any trends, start seeing lots of people going to www.gettomyspaceatwork.com, do the same thing for that.
What would be cool is a route list of social networking sites IP addresses, advertised like route servers advertise BGP bogons. Null route it at the IP level, and not have to maintain the bastard by hand for every time one of them gets a new allocation of addresses from ARIN.
I already sent him a letter about this.
And I am pretty sure his wife would not appreciate that offer.
No, I am mostly embarressed about my connection to that hellhole as you are. Speaking out would mostly annoy me, and that is enough to make me not care that much anymore. The higher ups in ITS at that place are the lowest forms of life I have ever had to deal with. My skin crawls with the thought of being near them, so I won't.
Fear has nothing to do with it, but it will end up giving me a headache for 2 days straight, and it just isn't worth the effort. Some of us are so sick of that university, that we don't want to even think about any new tales of 100% grade A idiocy, with a healthy dose of retro grade evil thrown in, it just makes our heads hurt.
But I will say this, 'Hey Strick, if you are reading this, a talk on network security should _not_ be 45 minutes of you saying, "Well, we noticed a student doing something suspicious, so we called the FBI.... and then this other time.... we contacted the FBI...... FBI...... FBI" You don't know dick about security, never will, your idea of proactive security is to arrest any student who runs traceroute across your fine, fine stupernet.'
I attended said university, I know Paul very well. I still run into him in town occasionally, and I will be sure to shake his hand for this.
I could say a lot of BAD things about *university* ITS, but I'd probably get me in far more trouble than it is worth to say them out loud. I am not there anymore, they don't effect me. I will just be happy that Paul is still the fine individual I have always looked up to.
I work for an ISP, so I see lots of networks. We provide transit for a few auto dealerships, and they all seem to like using thin clients, as they take up less room, make less noise, and are easy to monitor. For some odd reason, auto dealers seem to watch their employees like they are hawks. We service about 4 dealerships, and they all work this way.
We provided transit service for a political party this past election, won't say who, suffice to say they never paid their bill and are being sent to collections..... They used a few thin clients.
And my favorite, is a data processing company that has never migrated away from the dumbest of dumb terminals. They have those old IBM clients that you used to see in airports. They expect some proprietary IBM serial proto over a 56k leased line. We set up their network using DSL at two locations, and a VPN to cut down on the costs of the 8 or so leased lines they were getting. The connection is priceless.
It is proprietary serial proto, encapped in IP traffic, which is carried over SDSL which is carried over ATM.... oh, and a VPN in there somewhere too. All that, to get 8 dumb terms from the remote office, to the main office, where the AS400 lives.
All because they didn't want to upgrade. Somehow, it has yet to break.