It's not a bad idea - but you'd then have to convince them that it wasn't the actual file, but just encrypted. They'd have you in a dark room, beating you, shouting "What's the key, what's the key?!" for weeks before they dug up your post.
How is this whole single signon thing difference to Kerberos? If I set myself up as the Grand Unified Site To Trust, and you allow users who log in to me access to your systems, surely this is the same. You have to trust me.
Mr Szulik: What OS do you yourself use for your day to day work and why? And if it is some form of Redhat, what OS would you use if there was no such thing as Redhat? (i.e. Windows, or some other distro, or a BSD?)
Please tell me, oh great network admin, how you protect your network against a huge flood, many T/E1s worth of random packets, with random source addresses, aimed directly at your IP addresses?
Regardless of whose fault it is that there are so many boxes available to the DDoSers, once those packets start coming, you can't do much. You can contact your upstream ISP, and ask them to start filtering, but if the packets appear to be coming from valid addresses, you'll end up filtering out legitimate traffic too.
Yeah, they're not really selling it very well, are they?
People may be able to watch your $9.5 million burning up in the sky - and that's if you're lucky! Maybe it will be cloudy, or raining, or maybe it will fall into the Pacific with nothing more than a little plop-hisssssss, giving a local whale a headache.
If you run all your linux code as root and your password is 'password' (and I've met at least one person who does this), I don't think you have a wonderfully secure system.
Of course, knowing the root password doesn't necessarily make your system insecure. ssh root@selinux.dev.gentoo.org , password gentoo. (It's a public box - you won't get told off for logging in.)
Actually, I had a thought. Log in to your favourite Linux box as root, and edit/etc/fstab so that / is mounted from a non-existent partition ( e.g./dev/hda13 ). Reboot.
Now, to fix it is a cinch. Boot from favourite recovery CD ( Gentoo LiveCD for me), mount/, and edit/etc/fstab. Simple.
On Windows 2K, right click My Computer, Manage, and go into the Disk Management. Change the C drive letter to X and reboot. What steps do you have to take to fix it then? (And it's a genuine question.)
What about doing similar stupidness via lilo.conf, and boot.ini (i.e. changing the boot partition to something that doesn't exist).
Microsoft Corp. is preparing a major PR assault over Windows' perceived security failings in which it will criticize Linux for taking too long to fix bugs, we have learned.
Too long to fix bugs? Please. There might be other chinks in the Open Source armour that could be exagurated to make newpaper inches, but the speed of the bug fixes? No way.
Cracked is the wrong word here. Hacked means to break into someones system unauthorised, whereas cracked means to disassemble software or hardware to learn more about it. I hate it when people get these terms wrong. At least the media get them right.
Bah. I thought it might be the English speaking world. If you want real regional variation, try understanding a strong Geordie accent (Newcastle, England), or maybe a really strong Scouse accent. I can't even understand a strong Geordie accent.
Big as Russia is, it doesn't have regional accents*, yet a little country like the UK has huge differences. Weird, no.
How many people here know the name of the Pres of.kz then, without looking it up on Google? I've been there, which probably puts me ahead of most, and although I know it, I can't remember it right now.
In fact, how many people even know where that rather large country is?
1. Is there a more Welsh name than Geraint Thomas? Answers on a postcard, please. 2. What kind of a department is the Centre for Explosion Studies? Can you get degrees in that? Sounds like a fun course.
1. Post CD to sister. 2. Get her to boot off it. 3. Tell her to run/etc/init.d/ssh start 4. Tell her to run passwd and set the root password. 5. Tell her to read the IP address that the machine picked up from the cable/adsl router 6. Log in, and install remotely.
I've done it. But not with your sister. Installing Gentoo I mean. I'll stop now.
Slashdot Mirror
But it's a nice idea. Tie up their resources issuing writs, etc, and all they get is a bunch of nothing.
It's not a bad idea - but you'd then have to convince them that it wasn't the actual file, but just encrypted. They'd have you in a dark room, beating you, shouting "What's the key, what's the key?!" for weeks before they dug up your post.
How is this whole single signon thing difference to Kerberos? If I set myself up as the Grand Unified Site To Trust, and you allow users who log in to me access to your systems, surely this is the same. You have to trust me.
Yes, this is true. However, Gentoo Linux helps mitigate these risks, as it is highly secure.
Mr Szulik: What OS do you yourself use for your day to day work and why? And if it is some form of Redhat, what OS would you use if there was no such thing as Redhat? (i.e. Windows, or some other distro, or a BSD?)
To hear something quintessentially British, you are hereby licenced to listen to the following. Marmite, toast, tea, and the shipping forecast.
Check out this trippy shit from Radio 4 on Thursdays at 23:00. It's got matey from "The Office" in it. Sometimes it's very funny.
Please tell me, oh great network admin, how you protect your network against a huge flood, many T/E1s worth of random packets, with random source addresses, aimed directly at your IP addresses?
Regardless of whose fault it is that there are so many boxes available to the DDoSers, once those packets start coming, you can't do much. You can contact your upstream ISP, and ask them to start filtering, but if the packets appear to be coming from valid addresses, you'll end up filtering out legitimate traffic too.
Yeah, they're not really selling it very well, are they?
People may be able to watch your $9.5 million burning up in the sky - and that's if you're lucky! Maybe it will be cloudy, or raining, or maybe it will fall into the Pacific with nothing more than a little plop-hisssssss, giving a local whale a headache.
I think they're going to get a few sensible bids due to Slashdot bringing this to everyones attention.
Have a look at grsecurity.org sometime. I used to use Lids, but grsec seems to be a fuller option. Same idea though.
Indeed. What was I thinking?
Of course, knowing the root password doesn't necessarily make your system insecure.
ssh root@selinux.dev.gentoo.org , password gentoo. (It's a public box - you won't get told off for logging in.)
Actually, I had a thought. Log in to your favourite Linux box as root, and edit /etc/fstab so that / is mounted from a non-existent partition ( e.g. /dev/hda13 ). Reboot. /, and edit /etc/fstab. Simple.
Now, to fix it is a cinch. Boot from favourite recovery CD ( Gentoo LiveCD for me), mount
On Windows 2K, right click My Computer, Manage, and go into the Disk Management. Change the C drive letter to X and reboot. What steps do you have to take to fix it then? (And it's a genuine question.)
What about doing similar stupidness via lilo.conf, and boot.ini (i.e. changing the boot partition to something that doesn't exist).
Yeah, look at me - Gentoo is great, everyone - give it a try!
And, believe it or not, I don't get any money at all when I say that.
Too long to fix bugs? Please. There might be other chinks in the Open Source armour that could be exagurated to make newpaper inches, but the speed of the bug fixes? No way.
PS. How do you spell that damn word? Exagerated?
OK :)
Cracked is the wrong word here. Hacked means to break into someones system unauthorised, whereas cracked means to disassemble software or hardware to learn more about it. I hate it when people get these terms wrong. At least the media get them right.
Don't you take pride in your work? If a job's worth doing, it's worth doing well, and all that?
Bah. I thought it might be the English speaking world.
If you want real regional variation, try understanding a strong Geordie accent (Newcastle, England), or maybe a really strong Scouse accent. I can't even understand a strong Geordie accent.
Big as Russia is, it doesn't have regional accents*, yet a little country like the UK has huge differences. Weird, no.
*In Moscow they have longer 'a's. Apparently.
How many people here know the name of the Pres of .kz then, without looking it up on Google? I've been there, which probably puts me ahead of most, and although I know it, I can't remember it right now.
In fact, how many people even know where that rather large country is?
How does he explain the name then? :)
Two things.
1. Is there a more Welsh name than Geraint Thomas? Answers on a postcard, please.
2. What kind of a department is the Centre for Explosion Studies? Can you get degrees in that? Sounds like a fun course.
Note that I did have to set it up locally.
/etc/init.d/ssh start
1. Post CD to sister.
2. Get her to boot off it.
3. Tell her to run
4. Tell her to run passwd and set the root password.
5. Tell her to read the IP address that the machine picked up from the cable/adsl router
6. Log in, and install remotely.
I've done it. But not with your sister. Installing Gentoo I mean. I'll stop now.
He who controleth the IP address space, controleth the Internet.
Me, 2003.
Imagine if only big companies could afford routable addresses.