Ha ha! Too bad it's Real Media! I hate that thing... repeatedly crashed under Win 2K, couldn't turn off its auto start/integration/advertising, had trouble uninstalling it. It was fine when I first used it back in the Win 3.x days but since then it has bloated into, quite possibly, the ugliest media player I have ever seen.
Show me a service that works with WinAmp (and on other non-MS platforms too) and I would gladly open up my wallet. Seriously.
Sorry, let me update those current number of comcast's IPs found in CBL and WPBL blocklists. There's a lot more than I thought. Comcast's netblocks are: 24.0.0.0/12, 67.160.0.0/12, 67.176.0.0/14, 67.180.0.0/15, 67.182.0.0/17, 67.182.128.0/18, 68.32.0.0/11, 68.80.0.0/13
CBL: 19897 (2% of entire list) WPBL: 5199 (10% of entire list!)
Wow, that does look like comcast is responsible for a ton of the world's spam!
Sounds like a great plan to me! I don't like the idea of outright port blocking (customers are paying for IP access, right) but it's very easy to locate the suspicious hosts, which means that once the automated systems are in place they can easily add port restrictions.
We can watch to see how effective this is by seeing how many of comcast's IPs show up in real time spam blocklists. Take CBL and WPBL for instance, two of my favourite lists...
% grepcidr -c -e 68.80.0.0/13
1501
% grepcidr -c -e 68.80.0.0/13
351
Now we see if those numbers go down over time:) Easy.
The WIPO Copyright Treaty was internationally developed back in a time when people, especially politicians, had no grasp of how digital data was an integral part of the modern world. The Internet, and copying of files, was seen as something awfully scary which threatened companies. Old white men fear change, and in 1996 the Internet looked like a pretty wild frontier. WIPO demands that digital data be treated specially, which IMHO is a big mistake. Everything we do these days relies on digital media and copying, an inherent action of computers and networks.
The WIPO was ratified in the United States to create the DMCA, which you all know and love. The similar EU laws, which are just as bent as the US's DMCA, also came from WIPO.
Now Canada is looking at bringing the WIPO, i.e. their own version of the DMCA, into Canadian copyright law. Terrible idea - visit this site if you want to learn more, and exert political pressure to stop this from happening.
The RF spectrum is truly a pie, and the slices are handed out by a central body
Definitely, the RF spectrum is a scarce resource. So isn't it weird how the government lets a small number of large companies own immense portions of this pie? I'm talking AM/FM radio here. Flip around your dial, and see how many stations you find that aren't owned by a large national like Clear Channel.
So, does anyone have useful remarks on why this may succeed or fail?
The WPBL is a very similar effort, using distributed spam sightings to block IPs. We focus on spam, while virbl specializes in viruses. I think they'll have good success provided their method of virus detection is very accurate. In our case, statistical bayesian-like filters help us get accurate spam sightings.
I'm sure there are many variations on this possible. Probably by linking mnemonics and visual cues you could come up with a code-entry system that works reliably, yet makes it nearly impossible for someone to simply write down their code -- hence, easily steal. Use the brain for crypto.
True... <sigh>...
I remember using ircII to download movies under/tmp... one day I got a phone call from the admin, the disk usage set off his pager. "Uh yeah, I guess one of my processes went haywire. Thanks for letting me know!"
One of the heroes in my electrical engineering department is a grad student who was fixated on Internet porn in the mid 1990s. One weekend, he accidentally left his software running -- it was a porn crawler which downloaded as many JPEGs and MPEGs as it could. When the admins returned on Monday they found several gigabytes of pornography under this guy's uid (apparently they had no quotas).
Sure that doesn't sound too impressive, but back then a gigabyte was a lot.
I don't understand the issue with CD licenses, Windows Update, and patches. If Windows Update does run properly... i.e., check the machine and report necessary updates, does this mean that my installation will find all these necessary hotfixes on its own?
My Windows installation is using a legitimate CD from our university, for educational use. Yet whenever I go to Windows Update, I see 0 critical updates (Win2K). Am I really up to date? In which case, none of these issues are really that new because I haven't installed any updates in a month.
I've been a fan of Linux, and have been using it on my desktop and home server but for my business server I have switched to FreeBSD. I just got too nervous looking at all the times I had to upgrade my Linux kernel because of a root vulnerability. From my own uptime.log on my Linux system
2003-05-24 glibc security update up 25 days 2003-06-18 new kernel (root exploits) up 25 days 2003-07-14 power outage up 13 days 2003-07-28 power outage up 151 days 2003-12-27 added RAM 2003-12-28 new kernel (local root exploit) 2003-12-29 added disk volume 2004-01-10 new kernel (local root exploit) up 40 days 2004-02-20 new kernel (local root exploit) up 94 days 2004-05-24 new kernel (local root exploit)
Any software I want, there's a free alternative for linux. None of the music that is coming out now interests me, so this p2p app is completely unappealing.
I agree with what you say. In the *NIX world, all the software we need is free. I don't need to buy from $corp, in fact I don't even need to steal from $corp. My desktop Linux installation is compatible with my hardware, and works fine.
Pop music has been a big disappointment for me, so now I only listen to my campus radio stations. I don't buy CDs from $industry, and I don't download their music online. The $industry registers lost CD sales as Internet piracy, so they're either ignorant or deceptive. Either way... they're screwed in the long run if many do what I'm doing.
I think this is the appropriate way to have an impact. It's legal, ethical, and even healthy for capitalism.
but I hope people still realise that having a complex (and effective) spam filter does not take away the millions of megabits of traffic
Hence WPBL, which uses sightings by statistical filters (like DSPAM) from multiple sites to build a real-time blocklist based on consensus sightings. Once the IP is on the blocklist, you don't waste bandwidth accepting mail from them.
My best experience has been with spamprobe, because it compiles as a standalone app, is very fast (at one point I was filtering over 10,000 emails a day on a Pentium 200 MHz) and is completely command-line oriented, best for scripting/custom mail systems. Colleagues of mine who use CRM114 are very happy with it, but I got discouraged by its large database files. I'm now experimenting with spambayes, the only difficulty so far being installing the python/bsddb environment.
A part of me wants to see the business world forget how important "IT" is -- network infrastructure, services, and especially security. After that point I'll guess 5 more years of survival for the US economy. Then, at the last moment, they call us back in because they realize they have nothing without networks. That's when we get top pay.
This is the kind of lunatic laws you get when the recording industry lobbies government (hey, they got the cash!). Even in dear old Canada, where the courts protect our privacy through ISPs and uphold our right to freely copy media we own, the recording industry is lobbying government to change Canadian copyright law. If our government ratifies WIPO, as the industry is pushing them to do, we'll lose many of the media rights we enjoy (this will bring the DMCA into Canada). Please, visit our Digital Copyright Canada site, sign the Petition for Users' rights, and make digital freedom an election issue!
IMHO, BSD's jail() is one of the more interesting developments in recent versions -- at least for an internet service provider.
For those of you unfamiliar, check it out. It's very much like User Mode Linux and allows running virtual servers within a larger server. Many colocation/virtual server providers (e.g. take, your, pick) use FreeBSD jails to provide low-cost root-access hosts for customers. This really has revolutionized cost effectiveness of large scale hosting!
There have been various limitations with FreeBSD jails when they first appeared. There were glitches with information leaking across jails. There's a limit to a single IP address, inability to do raw socket operations or even ping/traceroute, and some glitches with a couple system calls used by major applications like Postfix.
But my understanding is that 5.x seriously improves jail support, especially from a resource efficiency perspective. One of my BSD developer buddies also tells me that he's fixing raw socket support. Keep an eye on the jail feature...
Is this gent's dislike for the way records are presented the reason my email server can't send anything to AOL addresses?
BLARS is not one to take seriously, btw. ,br>
Over the months I've compiled a list of domains that don't accept mail from dynamic/dialup/cable/DSL IPs. AOL is on that list, and some other big providers are too.
I don't believe any ISP should block ports. It's a slippery slope. The ISPs should be utilities, like electric companies, providing you an unhindered connection to the Internet.
I agree. An ISP is not only hurting some of its customers by blocking ports outright, but also decreasing its value when the competition might allow you unfettered IP access (or, as I call it, real Internet access). Of course, the ISP can and should inform or even disconnect customers that are spam sources. There are tons of clues that would tell an ISP if their customer is likely infected, or an actual spammer.
Is there an easy way to tell if your own computer is a zombie spambot?
Yes, there is! If your IP is sending spam, believe me, we will have noticed via our extensive spam traps. Just query your IP at OpenRBL or at dnsstuff to see if you're blocked due to spam received from your IP.
Note that you can also appear on blocklists for various other reasons. So look into why you're blocked. If you're listed on AHBL, CBL, SpamCop, WPBL for example then your host is probably infected.
Slashdot Mirror
Here's the link to the FTP site where you can also pick up a ZIP file containing the Windows version. I find that nicer than the installer, sometimes.
Ha ha! Too bad it's Real Media! I hate that thing... repeatedly crashed under Win 2K, couldn't turn off its auto start/integration/advertising, had trouble uninstalling it. It was fine when I first used it back in the Win 3.x days but since then it has bloated into, quite possibly, the ugliest media player I have ever seen.
Show me a service that works with WinAmp (and on other non-MS platforms too) and I would gladly open up my wallet. Seriously.
So if it's a floating point issue, am I safe with my 80486-based server? I always loved that CPU...
Sorry, let me update those current number of comcast's IPs found in CBL and WPBL blocklists. There's a lot more than I thought. Comcast's netblocks are: 24.0.0.0/12, 67.160.0.0/12, 67.176.0.0/14, 67.180.0.0/15, 67.182.0.0/17, 67.182.128.0/18, 68.32.0.0/11, 68.80.0.0/13
CBL: 19897 (2% of entire list)
WPBL: 5199 (10% of entire list!)
Wow, that does look like comcast is responsible for a ton of the world's spam!
Sounds like a great plan to me! I don't like the idea of outright port blocking (customers are paying for IP access, right) but it's very easy to locate the suspicious hosts, which means that once the automated systems are in place they can easily add port restrictions.
:) Easy.
We can watch to see how effective this is by seeing how many of comcast's IPs show up in real time spam blocklists. Take CBL and WPBL for instance, two of my favourite lists...
% grepcidr -c -e 68.80.0.0/13 1501
% grepcidr -c -e 68.80.0.0/13 351
Now we see if those numbers go down over time
Still live at:
You are visitor number 5143
That's not bad. Slow to load, but live!
The WIPO Copyright Treaty was internationally developed back in a time when people, especially politicians, had no grasp of how digital data was an integral part of the modern world. The Internet, and copying of files, was seen as something awfully scary which threatened companies. Old white men fear change, and in 1996 the Internet looked like a pretty wild frontier. WIPO demands that digital data be treated specially, which IMHO is a big mistake. Everything we do these days relies on digital media and copying, an inherent action of computers and networks.
The WIPO was ratified in the United States to create the DMCA, which you all know and love. The similar EU laws, which are just as bent as the US's DMCA, also came from WIPO.
Now Canada is looking at bringing the WIPO, i.e. their own version of the DMCA, into Canadian copyright law. Terrible idea - visit this site if you want to learn more, and exert political pressure to stop this from happening.
We would never have The FCC Song (monty python)
I'm sure there are many variations on this possible. Probably by linking mnemonics and visual cues you could come up with a code-entry system that works reliably, yet makes it nearly impossible for someone to simply write down their code -- hence, easily steal. Use the brain for crypto.
True story...
One of the heroes in my electrical engineering department is a grad student who was fixated on Internet porn in the mid 1990s. One weekend, he accidentally left his software running -- it was a porn crawler which downloaded as many JPEGs and MPEGs as it could. When the admins returned on Monday they found several gigabytes of pornography under this guy's uid (apparently they had no quotas).
Sure that doesn't sound too impressive, but back then a gigabyte was a lot.
I don't understand the issue with CD licenses, Windows Update, and patches. If Windows Update does run properly... i.e., check the machine and report necessary updates, does this mean that my installation will find all these necessary hotfixes on its own?
My Windows installation is using a legitimate CD from our university, for educational use. Yet whenever I go to Windows Update, I see 0 critical updates (Win2K). Am I really up to date? In which case, none of these issues are really that new because I haven't installed any updates in a month.
I've been a fan of Linux, and have been using it on my desktop and home server but for my business server I have switched to FreeBSD. I just got too nervous looking at all the times I had to upgrade my Linux kernel because of a root vulnerability. From my own uptime.log on my Linux system
2003-05-24 glibc security update
up 25 days
2003-06-18 new kernel (root exploits)
up 25 days
2003-07-14 power outage
up 13 days
2003-07-28 power outage
up 151 days
2003-12-27 added RAM
2003-12-28 new kernel (local root exploit)
2003-12-29 added disk volume
2004-01-10 new kernel (local root exploit)
up 40 days
2004-02-20 new kernel (local root exploit)
up 94 days
2004-05-24 new kernel (local root exploit)
Pop music has been a big disappointment for me, so now I only listen to my campus radio stations. I don't buy CDs from $industry, and I don't download their music online. The $industry registers lost CD sales as Internet piracy, so they're either ignorant or deceptive. Either way... they're screwed in the long run if many do what I'm doing.
I think this is the appropriate way to have an impact. It's legal, ethical, and even healthy for capitalism.
Others I've had direct experience with are spamprobe, spambayes, and CRM114.
My best experience has been with spamprobe, because it compiles as a standalone app, is very fast (at one point I was filtering over 10,000 emails a day on a Pentium 200 MHz) and is completely command-line oriented, best for scripting/custom mail systems. Colleagues of mine who use CRM114 are very happy with it, but I got discouraged by its large database files. I'm now experimenting with spambayes, the only difficulty so far being installing the python/bsddb environment.
A part of me wants to see the business world forget how important "IT" is -- network infrastructure, services, and especially security. After that point I'll guess 5 more years of survival for the US economy. Then, at the last moment, they call us back in because they realize they have nothing without networks. That's when we get top pay.
This is the kind of lunatic laws you get when the recording industry lobbies government (hey, they got the cash!). Even in dear old Canada, where the courts protect our privacy through ISPs and uphold our right to freely copy media we own, the recording industry is lobbying government to change Canadian copyright law. If our government ratifies WIPO, as the industry is pushing them to do, we'll lose many of the media rights we enjoy (this will bring the DMCA into Canada). Please, visit our Digital Copyright Canada site, sign the Petition for Users' rights, and make digital freedom an election issue!
IMHO, BSD's jail() is one of the more interesting developments in recent versions -- at least for an internet service provider.
For those of you unfamiliar, check it out. It's very much like User Mode Linux and allows running virtual servers within a larger server. Many colocation/virtual server providers (e.g. take, your, pick) use FreeBSD jails to provide low-cost root-access hosts for customers. This really has revolutionized cost effectiveness of large scale hosting!
There have been various limitations with FreeBSD jails when they first appeared. There were glitches with information leaking across jails. There's a limit to a single IP address, inability to do raw socket operations or even ping/traceroute, and some glitches with a couple system calls used by major applications like Postfix.
But my understanding is that 5.x seriously improves jail support, especially from a resource efficiency perspective. One of my BSD developer buddies also tells me that he's fixing raw socket support. Keep an eye on the jail feature...
Is this gent's dislike for the way records are presented the reason my email server can't send anything to AOL addresses?
BLARS is not one to take seriously, btw.
,br> Over the months I've compiled a list of domains that don't accept mail from dynamic/dialup/cable/DSL IPs. AOL is on that list, and some other big providers are too.
Note that you can also appear on blocklists for various other reasons. So look into why you're blocked. If you're listed on AHBL, CBL, SpamCop, WPBL for example then your host is probably infected.