Anyone remember John Goodman's character in The Big Lebowski?
"Saturday, Donny, is shabbas, the Jewish day of rest. That means I don't work, I don't drive a car, I don't fucking ride in a car, I don't handle money, I don't turn on the oven, and I sure as shit don't fucking roll!"
...and I already have such a feature that comes with DCable... you can fetch the local movie showtimes, get the local weather instantly, etc. AOL just wants to take over the world. The way I see it, this would become merged with a DigiCable feature on Time Warner cable systems (of which I am not I subscriber, so I wouldn't know).
Wow, I think you just described the idea behind the NY Times registration system. Seriously, why do they link to these people? Ever think Slashdot can set up a link-exchange program (such as AltaVista has) which is randomly keyed using a DB-generated URL, that allows access without registration, yet puts the NYTimes article in a customized border with ads?
Oh, enough with the anti-Government conspiracy theories already! When will you all understand that if you have nothing to hide that there is no reason to be paranoid like this. What are you a terrorist or something?
still no multitasking or virtual or protected memory (on 486 so the hardware is no excuse)
Huh? I'm almost positive you have no idea what you're talking about. Netware has had protected memory space since v 5.0. Just do a "load address space = foo bar". And, uh, if by virtual memory you mean a page file, yeah it has that too!!
Bzzt. That's if you're compiling Apache or installing from scratch. How many default RedHat Apache server IDs have you seen? They are usually running mod_this and mod_that.
I actually caught a friend of mine, who is a pretty knowledgeable person when it comes to Linux, and I alerted him to the fact that he was running 7 unnecessary modules on his server, which is bad for security. His response? "I don't care."
Netware, believe it or not, runs on top of DOS. True IP file/print sharing, web serving (yes, if you didn't know, Apache and Netscape Enterprise server run on Netware!), all that good stuff run on Netware, yet you can still type down at the server prompt and get a C:\> prompt.
Caldera DR-DOS was pretty popular on Novell servers. Netware boots just like LoadLin boots Linux, except unlike Linux, you can exit to DOS, and just type server at the C prompt and basically warm-boot your server without rebooting it.
Yes. A word of advice: don't fuck with poledit on a Novell network. That causes trouble with multiple login servers. Been there, done that. Unlike NT, where you have a dedicated domain controller where everyone and his brother logs into, in novell, if you have your.POL file in SYS:PUBLIC\, it will look for it on that logon server... forever. It becomes "sticky" in the registry. Note that this applies only to Win9x clients. With Novell use ZENWorks.
Of course, I think when you logon to an NT domain, an environment variable like %HOMEDRIVE% and %HOMEDIR% are created, so programs like Office create your My Documents folder in %HOMEDRIVE%\My Documents. If you have lots of Win9x clients you could probably (albeit more difficult) set up a Samba server with users/passwords and create Username$ shares for all the users. Map a few drives, make them persistent connections, and just push a.reg file out to the clients to fix Office's default "My Documents" folder.
Of course if everyone was running Windows 2000 you could just use Group Policy, which I might add is the bomb diggity, yo.
I vaguely remember this old local root exploit on Sun machines... you used to be able to walk up to the console when it says login:, hit Enter a bunch of times, overflow the buffer, and whammo, you're in as root.
A lot of the "bugs" in Unix type software are unexploited, and very difficult to exploit, or are local only. People generally don't look for these as often in MS products because it's assumed that once you have one account, you will pretty much have run of the system, since most services run with a high level of priveledge.
That is such absurd horseshit. Most services run with the privlege that you give it. If you let Joe Blow admin your box, whether it be Unix or Windows, you're screwed either way.
I personally think its easier to make a Unix box vulnerable than an NT box. But no one wants to admit that because most of the *nix admin community have their heads so far up their collective asses that they have trouble seeing it any way but theres.
It depends. If you have sshd running, it depends what username it's running as when it's running as a service, and if it authenticates against the NT users 'n groups (like MS telentd that comes with Win2k - it even adds some encryption to make it more ssh-like), you take on the security policy of that specific user that you logged in as. If it doesn't you take on the security policy of the sshd's running username.
It all depends on if the daemon you're authenticating against is authenticating you against the SAM database (i.e. your NT username/password). Then the NT security policies apply. IOW, programs that would be covered by this would include network shares, ftp, iis, etc. - they all authenticate against the NT users and groups. (I think they call it 'integrated authentication' now.)
Does that answer your question, or am I still misunderstanding?
Not sure what you mean. Run 'gpedit.msc' to load Group Policy; assign it to whatever group/user you want. It denys logon except from the local console. I.e., you can't map a network share to the box/domain in question.
It means exactly what it says. Here is the explanation from MS TechNet for those with feeble minds:
Another user right that is sometimes modified is the right to access a computer from the network. On some networks, the security policy dictates that administrators must work from the console of the server. Consequently, the Administrators group is removed from the right to access the computer from the network on all servers. Because administrators cannot access the server remotely, potential hackers are forced to gain physical access to the system or compromise security using an ordinary user account.
Kind of how you can't FTP, etc. as root by default on a Linux box. But it's system-wide, and applies to all groups/users the policy is applied to.
I think department was inappropriate--- ZDNet HAS a clue. Here's what KDE developer Wolfram Diestel has to say about the matter:
"No, at the moment I only get money from my wife for caring for my daughter."
Another KDE developer, Rik Hemsley, is not paid as well. He spends 20-40 hours a week on KDE!!
Don't these people value their time???
That's fucking pathetic, if you ask me. I encourage everyone to go over and read Eric Hufschmid's editorials. They really make you think about this whole situation.
So, what the f**k is more important to you, your personal data, or still being able to run fortune after your personal data has been blown to smitherines?
Yes, it's just so complicated. Here is an example of a few of the available group policies:
"Access the computer from the network" "Allow logon through Terminal Services" "Change the system time" "Create a pagefile" "Deny access from the network" "Deny local logons" "Deny logon through Terminal Services" "Force shutdown from a remote system" "Load/unload device drivers" "Logon as a service" "Logon locally" "Perform disk volume maintenance" "Shut down the system (locally)" "Take ownership of files and other objects"
Wow, if those aren't in plain English I don't know who can't figure them out. NT's security model is very complex, yes, but very capable as well. It just so happens that the crack dealer under the Longfellow Bridge is selling MCSE certifications for $5 a pop as well, so MCSE's are a dime a dozen. If you're looking for a good NT admin, you need to look hard. Just the same reason you won't hire that 17 year old who "has 12 years UNIX experience."
Slashdot Mirror
Anyone remember John Goodman's character in The Big Lebowski?
"Saturday, Donny, is shabbas, the Jewish day of rest. That means I don't work, I don't drive a car, I don't fucking ride in a car, I don't handle money, I don't turn on the oven, and I sure as shit don't fucking roll!"
So this could be up in the air for all we know.
I suggest you go out and buy a few copies of Windows, Office, Exchange, and SQL Server right now...! ;-)
...and I already have such a feature that comes with DCable... you can fetch the local movie showtimes, get the local weather instantly, etc. AOL just wants to take over the world. The way I see it, this would become merged with a DigiCable feature on Time Warner cable systems (of which I am not I subscriber, so I wouldn't know).
Hence the DMCA.
I never really gave this much thought, but would laws such as the DMCA apply if you dialed into an ISP in say, Canada?
Pentium IV 2.8 GHz provides the best overall around performance in Doom 3! More information forthcoming on slashdot.org
You have to admit that Venus Flytrap was a pimp.
1)Spam
2)Fraud
3)???
4)Profit!
Wow, I think you just described the idea behind the NY Times registration system. Seriously, why do they link to these people? Ever think Slashdot can set up a link-exchange program (such as AltaVista has) which is randomly keyed using a DB-generated URL, that allows access without registration, yet puts the NYTimes article in a customized border with ads?
I'm sorry but this isn't 1940's Nazi Germany -- this is America 2002, we're not a police state, no matter how much you may think this to be the case.
Oh, enough with the anti-Government conspiracy theories already! When will you all understand that if you have nothing to hide that there is no reason to be paranoid like this. What are you a terrorist or something?
Anyone remember Independence Day? I bet they stole the technology from downed alien spacecraft they have stashed somewhere in New Mexico or Nevada!
still no multitasking or virtual or protected memory (on 486 so the hardware is no excuse)
Huh? I'm almost positive you have no idea what you're talking about. Netware has had protected memory space since v 5.0. Just do a "load address space = foo bar". And, uh, if by virtual memory you mean a page file, yeah it has that too!!
I think you're very confused.
Bzzt. That's if you're compiling Apache or installing from scratch. How many default RedHat Apache server IDs have you seen? They are usually running mod_this and mod_that.
I actually caught a friend of mine, who is a pretty knowledgeable person when it comes to Linux, and I alerted him to the fact that he was running 7 unnecessary modules on his server, which is bad for security. His response? "I don't care."
Netware, believe it or not, runs on top of DOS. True IP file/print sharing, web serving (yes, if you didn't know, Apache and Netscape Enterprise server run on Netware!), all that good stuff run on Netware, yet you can still type down at the server prompt and get a C:\> prompt.
Caldera DR-DOS was pretty popular on Novell servers. Netware boots just like LoadLin boots Linux, except unlike Linux, you can exit to DOS, and just type server at the C prompt and basically warm-boot your server without rebooting it.
Yes. A word of advice: don't fuck with poledit on a Novell network. That causes trouble with multiple login servers. Been there, done that. Unlike NT, where you have a dedicated domain controller where everyone and his brother logs into, in novell, if you have your .POL file in SYS:PUBLIC\, it will look for it on that logon server... forever. It becomes "sticky" in the registry. Note that this applies only to Win9x clients. With Novell use ZENWorks.
.reg file out to the clients to fix Office's default "My Documents" folder.
Of course, I think when you logon to an NT domain, an environment variable like %HOMEDRIVE% and %HOMEDIR% are created, so programs like Office create your My Documents folder in %HOMEDRIVE%\My Documents. If you have lots of Win9x clients you could probably (albeit more difficult) set up a Samba server with users/passwords and create Username$ shares for all the users. Map a few drives, make them persistent connections, and just push a
Of course if everyone was running Windows 2000 you could just use Group Policy, which I might add is the bomb diggity, yo.
I vaguely remember this old local root exploit on Sun machines... you used to be able to walk up to the console when it says login:, hit Enter a bunch of times, overflow the buffer, and whammo, you're in as root.
A lot of the "bugs" in Unix type software are unexploited, and very difficult to exploit, or are local only. People generally don't look for these as often in MS products because it's assumed that once you have one account, you will pretty much have run of the system, since most services run with a high level of priveledge.
That is such absurd horseshit. Most services run with the privlege that you give it. If you let Joe Blow admin your box, whether it be Unix or Windows, you're screwed either way.
I personally think its easier to make a Unix box vulnerable than an NT box. But no one wants to admit that because most of the *nix admin community have their heads so far up their collective asses that they have trouble seeing it any way but theres.
Some people are afraid of the truth.
Some people act as if they haven't heard of 'credit cards' before...
It depends. If you have sshd running, it depends what username it's running as when it's running as a service, and if it authenticates against the NT users 'n groups (like MS telentd that comes with Win2k - it even adds some encryption to make it more ssh-like), you take on the security policy of that specific user that you logged in as. If it doesn't you take on the security policy of the sshd's running username.
It all depends on if the daemon you're authenticating against is authenticating you against the SAM database (i.e. your NT username/password). Then the NT security policies apply. IOW, programs that would be covered by this would include network shares, ftp, iis, etc. - they all authenticate against the NT users and groups. (I think they call it 'integrated authentication' now.)
Does that answer your question, or am I still misunderstanding?
Not sure what you mean. Run 'gpedit.msc' to load Group Policy; assign it to whatever group/user you want. It denys logon except from the local console. I.e., you can't map a network share to the box/domain in question.
It means exactly what it says. Here is the explanation from MS TechNet for those with feeble minds:
Another user right that is sometimes modified is the right to access a computer from the network. On some networks, the security policy dictates that administrators must work from the console of the server. Consequently, the Administrators group is removed from the right to access the computer from the network on all servers. Because administrators cannot access the server remotely, potential hackers are forced to gain physical access to the system or compromise security using an ordinary user account.
Kind of how you can't FTP, etc. as root by default on a Linux box. But it's system-wide, and applies to all groups/users the policy is applied to.
"I'm Dr. Nick Riviera, and I will perform any major operation for just 129.95!"
Well, as one of the KDE developers puts it, his wife pays him for playing Mr. Mom and watching his own daughter.
I think department was inappropriate--- ZDNet HAS a clue. Here's what KDE developer Wolfram Diestel has to say about the matter:
"No, at the moment I only get money from my wife for caring for my daughter."
Another KDE developer, Rik Hemsley, is not paid as well. He spends 20-40 hours a week on KDE!!
Don't these people value their time???
That's fucking pathetic, if you ask me. I encourage everyone to go over and read Eric Hufschmid's editorials. They really make you think about this whole situation.
Just like the picture of the T-Shirt says,
``Support Free Software!! Give us money!!''
So, what the f**k is more important to you, your personal data, or still being able to run fortune after your personal data has been blown to smitherines?
Yes, it's just so complicated. Here is an example of a few of the available group policies:
"Access the computer from the network"
"Allow logon through Terminal Services"
"Change the system time"
"Create a pagefile"
"Deny access from the network"
"Deny local logons"
"Deny logon through Terminal Services"
"Force shutdown from a remote system"
"Load/unload device drivers"
"Logon as a service"
"Logon locally"
"Perform disk volume maintenance"
"Shut down the system (locally)"
"Take ownership of files and other objects"
Wow, if those aren't in plain English I don't know who can't figure them out. NT's security model is very complex, yes, but very capable as well. It just so happens that the crack dealer under the Longfellow Bridge is selling MCSE certifications for $5 a pop as well, so MCSE's are a dime a dozen. If you're looking for a good NT admin, you need to look hard. Just the same reason you won't hire that 17 year old who "has 12 years UNIX experience."