Ah, but the difference here is that they've always said that.NET was platform independent, and they've submitted the CLR et al to Standards bodies to that affect. The abscence of.NET on any other platform is of course not an issue to Microsoft, but it can only benefit them in the long run if Mono does succeed.
it's not the server that's always vulnerable. If you get into the system, you can get into the web site. There was an exploit with Cobalt servers which allowed an attacker to upload packages, one of which, in one case, happened to be a custom shell, which was used to bypass restrictions and deface a site.
Don't waste the valuable thousands. Just script a backup routine and then have it spit the tape out afterwards. It doesn't take two minutes to swap the tapes in the morning, and if money is the issue, then you'll appreciate the saving.
To be fait, i think the fact that you can go and read it for free means that very little has to be said, other than "go see". And it's well worth it too:)
Personally, i think it's one of those books that grows with you. I got when i was just starting network administration, and things like the Berferd story, and what DMZ's were, etc, though just out of my grasp, interested me enough to find out what terms meant, and it's certainly easy enough to skip sections as you go along. The shell script examples are easy enough to follow, and should be fairly simple to modify for a beginner. Take the plunge, i promise you won't regret it. (it also has one of the clearest explanations of public key crypography too...)
different league. This is about security from the ground up, such as choosing passwords, where holes lie, even how they traced a real live hacker ("berferd"). How services are installed, AT&T Research's real life setup etc etc... Read this one first, then get the O'Reilly one.
This is, without a doubt *the* bible for the subject. Got mine 2nd hand from a car boot years ago, and it lives on my desk permanently. I'd love to see how it's been updated, and whether there are any new additions similar to the Berferd tracing story. The short scripts for scanning subnets etc were great too. Well, well, worth reading.
64-bit addressing would be required, and that isn't going to get here any time soon
Uh Huh. Okay. So what in the hell do most mainframes use then? See Sun and IBM for examples...
i think the idea is that the databases are running on servers such as the SunFire, which has a stupid amount of RAM (somewhere in the terabytes if i remember correctly)....
My experience was that GPO sucked, until I started adding extra templates. The three core ones are useful in a TweakUI sort of way, but no major security. I had to edit a couple of the.adm files by hand because they didn't do quite what a wanted, such as the lockdown drives. I wanted access to only A:, U:, and P:, but this invloved figuring out a large binary value for it, and making my own policy entry....
Not quite, but nearly. Students sign their life away stating that they won't do anything like this in the first place, otherwise, no connection.
Although, if a student turns up with a laptop, we're not responsible for what is already on the drive. We are responsible for what they access/share/peddle etc after they have connected to our networks. This doesn't mean we have the right to demand they scrub their drives, only to boot them off the network and reprimand them for breaking our AUP. So we try and stop it before it happens.
to be honest, i don't know the full ins and outs of the situation.
Public access to an ISP is within their own home, they are paying for the provision, and they have a simple contract with the phone company.
Students are on our premises, often using our equipment, and therefore, the responsibility is ours. We also have an 'ISP', who aren't responsible for what we do though...
actually, we chose to upgrade the software so that we could remove the last of our NT4 workstations.
We're *required* to keep the PC as we are an educational establishment, and therefore have ratios of PC's to students to keep to. We'd have a great ratio if we were still using DOS, but we have to draw the line, sofwtare needs upgrading, but we don't always have the resources to meet it.
So no, we weren't 'stupid' enough, me made a decision based on the requirements we have to meet.:) 'kay?
That next version of Visual Studio is 'Everett', or VS.NET 2003. It should be out soon, i've had the final beta for a while, it just looks odd because they've got it running on top of they're new codebase. I forget what the next version of SQL server is, but i bet it's under there somewhere, i read that it was required for Office 11 potentially anyway...
Couldn't give you a full list off the top of my head, but the big new features are collaboration services, and native XML support, although, as with.NET, they've changed the name of XDocs so many times, i don't know what they are any more:)
;) Yeah, but it's running it on the legacy hardware that's the issue. We've just managed to squeeze 2k pro onto our old NT workstations (P166), and they chug along at an only-just-usable pace, but if we ever moved up to the next step, we'd lose these PC's... which would be a good thing, but it's securing the funding to do so:)
Slashdot Mirror
And IBM don't produce a market leading web browser, and therefore don't need to may quite so much attention as Microsoft should be....
Ah, but the difference here is that they've always said that .NET was platform independent, and they've submitted the CLR et al to Standards bodies to that affect. The abscence of .NET on any other platform is of course not an issue to Microsoft, but it can only benefit them in the long run if Mono does succeed.
But of course, i may be wrong...
it's not the server that's always vulnerable. If you get into the system, you can get into the web site. There was an exploit with Cobalt servers which allowed an attacker to upload packages, one of which, in one case, happened to be a custom shell, which was used to bypass restrictions and deface a site.
Don't waste the valuable thousands. Just script a backup routine and then have it spit the tape out afterwards. It doesn't take two minutes to swap the tapes in the morning, and if money is the issue, then you'll appreciate the saving.
To be fait, i think the fact that you can go and read it for free means that very little has to be said, other than "go see". And it's well worth it too :)
Personally, i think it's one of those books that grows with you. I got when i was just starting network administration, and things like the Berferd story, and what DMZ's were, etc, though just out of my grasp, interested me enough to find out what terms meant, and it's certainly easy enough to skip sections as you go along. The shell script examples are easy enough to follow, and should be fairly simple to modify for a beginner. Take the plunge, i promise you won't regret it. (it also has one of the clearest explanations of public key crypography too...)
Sed quis custodiet ipsos custodes (but who will guard the guards themselves?)
have been recited by me to many colleagues over the past few years.....
different league. This is about security from the ground up, such as choosing passwords, where holes lie, even how they traced a real live hacker ("berferd"). How services are installed, AT&T Research's real life setup etc etc... Read this one first, then get the O'Reilly one.
This is, without a doubt *the* bible for the subject. Got mine 2nd hand from a car boot years ago, and it lives on my desk permanently. I'd love to see how it's been updated, and whether there are any new additions similar to the Berferd tracing story. The short scripts for scanning subnets etc were great too. Well, well, worth reading.
lol, some tags wouldn't go amiss ;)
Although amusingly, they can't actually post to say so...
I perfectly agree, as do most of the posts here it seems....
1/2 a terabyte according to the Sun site, and 106 processors.... assume thats not far over 300 GB then.....
the 15k i believe... the house sized one with 64 processors (or is it 90 odd?) should look really but can't be bothered...
64-bit addressing would be required, and that isn't going to get here any time soon Uh Huh. Okay. So what in the hell do most mainframes use then? See Sun and IBM for examples...
i think the idea is that the databases are running on servers such as the SunFire, which has a stupid amount of RAM (somewhere in the terabytes if i remember correctly)....
My experience was that GPO sucked, until I started adding extra templates. The three core ones are useful in a TweakUI sort of way, but no major security. I had to edit a couple of the .adm files by hand because they didn't do quite what a wanted, such as the lockdown drives. I wanted access to only A:, U:, and P:, but this invloved figuring out a large binary value for it, and making my own policy entry....
Although, if a student turns up with a laptop, we're not responsible for what is already on the drive. We are responsible for what they access/share/peddle etc after they have connected to our networks. This doesn't mean we have the right to demand they scrub their drives, only to boot them off the network and reprimand them for breaking our AUP. So we try and stop it before it happens.
Public access to an ISP is within their own home, they are paying for the provision, and they have a simple contract with the phone company.
Students are on our premises, often using our equipment, and therefore, the responsibility is ours. We also have an 'ISP', who aren't responsible for what we do though...
As an edu admin myself, I have a repsonsibility for the content of my networks, which includes those nodes attached to them.
The same way that i am liable for illegal use of unlicensed software, not the premises. (Bizarre, and a pain, hence why I'm a tad zealous...)
So no, we weren't 'stupid' enough, me made a decision based on the requirements we have to meet. :) 'kay?
That next version of Visual Studio is 'Everett', or VS.NET 2003. It should be out soon, i've had the final beta for a while, it just looks odd because they've got it running on top of they're new codebase. I forget what the next version of SQL server is, but i bet it's under there somewhere, i read that it was required for Office 11 potentially anyway...
The replacement for System Policy in Windows 2000 Active Directory implementations. HTH :p
Couldn't give you a full list off the top of my head, but the big new features are collaboration services, and native XML support, although, as with .NET, they've changed the name of XDocs so many times, i don't know what they are any more :)
;) Yeah, but it's running it on the legacy hardware that's the issue. We've just managed to squeeze 2k pro onto our old NT workstations (P166), and they chug along at an only-just-usable pace, but if we ever moved up to the next step, we'd lose these PC's... which would be a good thing, but it's securing the funding to do so :)