I agree fully. We only use Spamhaus which has proved itself to be highly effective, plus to date no clients have noticed legitimate email being blocked. Spamhaus have a very clear policy and procedure, significantly reducing the chance of legitimate mail being impacted. Their Register of Known Spamming Organisations (ROKSO) is also brilliant.
A proper database server, one that is fully ACID complient, will successfully recover from a power failure, as it will replay the logs in order to undo or redo changes that were occuring when the power outage happened. This is typically achieved using Write Ahead Logging (WAL). PostgreSQL, Oracle, MSSQL and other such RDBMS systems are capable of this. MySQL with InnoDB comes close, but not quite. I believe that MySQL MaxDB (which was SAPDB) is fully ACID complient, if you wanted to stick with MySQL.
To bind to a port under 1024 you have to have root level access, however that's not to say that you can't drop priviledges shortly there after (which you should do, if at all possible).
Besides that, anti-virus software is effectively necessary on Windows due to the lack of security and the buggy email and web browsing clients. However, Mac OS X and most Linux distributions don't suffer from the same problems, particularly when installed and configured properly (ie. don't log in as root!) I guess you could bundle ClamAV and Dazuko with the Linux Desktop distros, just to give people a warm fuzzy.
From a corporate perspective, it is still a risky business communicating business related information via instant messaging. Even if it is integrated so that one can easily talk between AOL/Yahoo/MSN, it is still going to be in the clear and easily accessible to those who have access to a network path (tcpdump anyone!) or access to the servers.
Unless of course you plan on adding encryption to the grand scheme of things, which introduces the usual world of authentication and identification problems.
The other easy way is the conversion ratio of 0.3937 (1/2.54). To go from inches to centimetres you simply divide by 0.3937, or to convert from centimetres to inches simply multiply by the same.
My thoughts exactly. Why put up $5 million dollars to catch people who write virii and worms that exploit known security holes? Wouldn't that money be better spent working to improve the security of said software?
After all, it's only a matter of time before one of these virii or worms is malicious and does far more than just slow down sections of the Internet. Microsoft bashing aside, lets face it, $5 million in reward money isn't going to help people who have had all their Microsoft Office documents removed or their MBR deleted by the a worm that exploits the next big security hole.
This was first posted on Bugtraq
several days ago, five days ago to be precise... Looks like Yahoo and the rest of the media are just starting to catch on now...
It is a *new* security exploit, based on several new security holes that Li Die Yu found. Given Microsoft's history of rapid responses, I guess one could be forgiven for not even attempting a notification. Has anyone seen a patch from Microsoft yet?;)
Oh, and the way to avoid potential future exploits, disable scripting within the Internet zone... (or use another browser!)
I don't believe that comment is correct. The same security researcher, Li Die Yu, released a number of advisories a few weeks back, that combined a number of unpatched security holes to yield some major security issues.
This time around however, Li Die Yu has released an exploit which is based on new unreleased security issues with Internet Explorer. See the original posting on Bugtraq for the full details.
I've not long finished reading "The Cuckoo's Egg" by Clifford Stoll. Whilst it isn't exactly a technical computing book, it is a fantastic read - one of those books that you just want to keep reading and do not want to put down.
Stoll is a brilliant author and the content is easy to absorb, certainly well written for those who do not have a technical background. His thought process is amazing and his level of determination is increadible. If you want to find out how to catch a cracker, this is simply a must read...
Not sure what you're referring to regarding.com.au domains. As far as I know we've never had wildcards. Further more, there are strict conditions that have to be meet in order to register a.com.au domain. They have been slightly relaxed from the 1st of July this year, however they are still rather strict (and so they should be IMHO.) See schedule C in the AUDA policy document if you're interested in the gory details.
Whilst null routing VeriSign's IP block stops you reaching their servers, it does nothing to correct the underlying problem. Attempts to resolve non-existant domains will still return an IP address instead of NXDOMAIN...
Your SMTP server is still going to attempt to connect to their server to deliver any mail which you've addressed to a non-existant domain.
Many people will either null route their IP blocks or patch BIND (a far better alternative!), however only a few hundred thousand users are needed to keep this thing working as a cash cow for Verisign...
Even if you do have a PhD, who says you have to put it on your resume? If you think it will 'over qualify' you for the job that you're applying for then leave it off. If you get an interview then you can use it as a wildcard then. As with most things in life, you can't subsitute real world experience for study at any level and I don't think a PhD or masters makes any exception.
Slashdot Mirror
Did anyone else read "Yoshio Watanabe" as "Yoshio Wannabe"?!? :)
I agree fully. We only use Spamhaus which has proved itself to be highly effective, plus to date no clients have noticed legitimate email being blocked. Spamhaus have a very clear policy and procedure, significantly reducing the chance of legitimate mail being impacted. Their Register of Known Spamming Organisations (ROKSO) is also brilliant.
A proper database server, one that is fully ACID complient, will successfully recover from a power failure, as it will replay the logs in order to undo or redo changes that were occuring when the power outage happened. This is typically achieved using Write Ahead Logging (WAL). PostgreSQL, Oracle, MSSQL and other such RDBMS systems are capable of this. MySQL with InnoDB comes close, but not quite. I believe that MySQL MaxDB (which was SAPDB) is fully ACID complient, if you wanted to stick with MySQL.
To bind to a port under 1024 you have to have root level access, however that's not to say that you can't drop priviledges shortly there after (which you should do, if at all possible).
Reminds me of the following quote:
"The nice thing about standards is that you have so many to choose from." - Andy Tanenbaum
Besides that, anti-virus software is effectively necessary on Windows due to the lack of security and the buggy email and web browsing clients. However, Mac OS X and most Linux distributions don't suffer from the same problems, particularly when installed and configured properly (ie. don't log in as root!) I guess you could bundle ClamAV and Dazuko with the Linux Desktop distros, just to give people a warm fuzzy.
Seems there is also:
c gi?camera=&resolution=640x480 c gi?camera=&resolution=640x480 c gi?camera=&resolution=640x480
:)
http://lobbycamera1.abia.org/axis-cgi/mjpg/video.
http://lobbycamera2.abia.org/axis-cgi/mjpg/video.
http://lobbycamera3.abia.org/axis-cgi/mjpg/video.
For different views
No, usually it takes three or four! :)
From a corporate perspective, it is still a risky business communicating business related information via instant messaging. Even if it is integrated so that one can easily talk between AOL/Yahoo/MSN, it is still going to be in the clear and easily accessible to those who have access to a network path (tcpdump anyone!) or access to the servers.
Unless of course you plan on adding encryption to the grand scheme of things, which introduces the usual world of authentication and identification problems.
The other easy way is the conversion ratio of 0.3937 (1/2.54). To go from inches to centimetres you simply divide by 0.3937, or to convert from centimetres to inches simply multiply by the same.
My thoughts exactly. Why put up $5 million dollars to catch people who write virii and worms that exploit known security holes? Wouldn't that money be better spent working to improve the security of said software?
After all, it's only a matter of time before one of these virii or worms is malicious and does far more than just slow down sections of the Internet. Microsoft bashing aside, lets face it, $5 million in reward money isn't going to help people who have had all their Microsoft Office documents removed or their MBR deleted by the a worm that exploits the next big security hole.
Sigh!
It is a *new* security exploit, based on several new security holes that Li Die Yu found. Given Microsoft's history of rapid responses, I guess one could be forgiven for not even attempting a notification. Has anyone seen a patch from Microsoft yet? ;)
Oh, and the way to avoid potential future exploits, disable scripting within the Internet zone... (or use another browser!)
This time around however, Li Die Yu has released an exploit which is based on new unreleased security issues with Internet Explorer. See the original posting on Bugtraq for the full details.
I've not long finished reading "The Cuckoo's Egg" by Clifford Stoll. Whilst it isn't exactly a technical computing book, it is a fantastic read - one of those books that you just want to keep reading and do not want to put down.
Stoll is a brilliant author and the content is easy to absorb, certainly well written for those who do not have a technical background. His thought process is amazing and his level of determination is increadible. If you want to find out how to catch a cracker, this is simply a must read...
Not sure what you're referring to regarding .com.au domains. As far as I know we've never had wildcards. Further more, there are strict conditions that have to be meet in order to register a .com.au domain. They have been slightly relaxed from the 1st of July this year, however they are still rather strict (and so they should be IMHO.) See schedule C in the AUDA policy document if you're interested in the gory details.
Whilst null routing VeriSign's IP block stops you reaching their servers, it does nothing to correct the underlying problem. Attempts to resolve non-existant domains will still return an IP address instead of NXDOMAIN...
Your SMTP server is still going to attempt to connect to their server to deliver any mail which you've addressed to a non-existant domain.
Many people will either null route their IP blocks or patch BIND (a far better alternative!), however only a few hundred thousand users are needed to keep this thing working as a cash cow for Verisign...
Even if you do have a PhD, who says you have to put it on your resume? If you think it will 'over qualify' you for the job that you're applying for then leave it off. If you get an interview then you can use it as a wildcard then. As with most things in life, you can't subsitute real world experience for study at any level and I don't think a PhD or masters makes any exception.
Two of the last three postings by CmdrTaco have been dupes - we might be on to a pattern here :)
;)
Hrmmm... might be time for some caffiene