Why must this be the fate of the good jokes? That and "the infidels are committing suicide at our firewall" were the best I'd heard in awhile, but now they're just old...
Quit ruining all the good jokes!
Re:Who didn't see this coming?
on
SCO DOS'ed
·
· Score: 1
Yes. You're right. I actually do have some idea what I'm talking about though. Note the time that was posted (of course... what time is it now...). Sorry.
Cookies (TCP stack, not webserver, doh) should reduce the amount of memory required to deal with a SYN flood to the point where they might as well eat the bandwidth. You used to be able to take down a fairly large server with a smallish connection this way, doesn't work that way anymore.
Apache is a *decent* webserver (note that i said decent), and although you're right, it's not too scalable, the point is not to run it on some "big iron" server, but rather on a zillion cheap Linux boxen. Apache's inherent problems with many connections don't matter as much then.
CGI-based DOSes are often quite effective, but you have to find some important CGI that can't be taken down, and that costs a lot of CPU time, which can be hard.
In any case, the attackers can afford to be lazy. None of these tricks leverage the attack terrifically, so they might as well just collect n more zombies. It's not like one of those reflection attacks or something, where if you find a good UDP protocol to play with you can leverage you bandwidth 10-fold or more (Gamespy they said was hundredfold).
An amusing thing about a mac is that you can still log in with/etc/passwd hosed, because it uses netinfod to get the information. However, you can't ssh (not even from your computer to elsewhere) if you aren't in/etc/passwd, hence
ssh: You don't exist. Go away.
Re:Who didn't see this coming?
on
SCO DOS'ed
·
· Score: 1
They really should do something more creative than just flooding them with traffic. How about a good syn flood, or hammering one of their CGI's.
SYN floods are so ten years ago. A decent webserver (say, Apache) should we able to handle it without too much trouble.
Hammering CGIs is more fun, but it's pretty easy to take down one CGI to save your network, especially if it's a mailto or something. Maybe requesting their homepage and all the attached images would do the trick, but this is just eating bandwidth again. It's tough these days to take a well-configured and monitored box off the net without eating its bandwidth.
Of course it is. NSA is a company. Company leaks secrets.
No. The NSA is a government agency. Government agencies hold secrets better than companies. The NSA in particular has kept a whole lot of crypto secret for a very long time. So while I doubt that they could break RSA at the keylengths used today, it's not impossible.
If this becomes popular, I can see the intelligence agencies having a fit.
Probably.
They might lose one of their best information feeds; the internet.
Maybe. The thing is that the intelligence agencies are plagued by too much data, and sniffing the internet doesn't help much. Maybe Carnivore is useful, but I think they probably are having trouble looking through all that.
f this sort of technology were to be rolled into the main distributions as well as Microsoft/Apple packages, the internet would then have a decent level of privacy.
Maybe. There's SSL for most sites where you would really care though. And traffic analysis would still be possible unless they encrypt the IP headers (ie, go to IPSec). And a lot of the privacy loss is when the database of Merchant X gets hacked / sold out to spammers, and all the encryption in the world will do very little against that. No, I take it back, anonymous digital cash and IPSec should do something.
ls and dir have been used for ages both on servers and desktops.
They're talking about how old your version is, not the program itself. My ls isn't that old. I also added on the GNU color version, which is probably even newer but has no man page.
> man ls | tail -n 8 [n spaces removed, per lameness filter] STANDARDS The ls utility is expected to be a superset of the IEEE Std 1003.2 (``POSIX.2'') specification.
HISTORY An ls utility appeared in Version 5 AT&T UNIX.
They didn't call this spam counterattack "bad" although it is certainly illegal. But it is an attack, and these guys are security geeks, so it's their job to investigate and propose countermeasures to things like this.
Great news! I had given up on Safari as of Friday due to the latency issue. I hope it works for me, too.
It's much better on my computer.
As for the scrollbug...is that the bug where only half the page scrolls sometimes, completely munging up the display? God I hate that...so I might have to stick with Chimerino for a little while longer?:-(
No, it's where using the scroll wheel and moving the mouse at the same time, the page jumps around weirdly, sometimes scrolling backwards, sometimes forwards.
...so I can punt ftp onto something less nasty (you can use IE for this, bizarrely).
Heh. Why can't Apple just punt you to the command line? Not like you need fancy graphics to ftp.
Why can't Apple fix the kernel?
Multithreading the finder would be a *huge* task. One very much worth doing, but still a huge one. There are some other things they should do too, like rewrite it in Cocoa to take advantage of cocoa-y features and make the system UI more consistent (wrt text-dragging and the like). I wouldn't be too surprised to see the finder rewritten in Panther. Pleeeeeease let it be a free upgrade over Jaguar.... Pleeeeaaaaase....
And if you think that FTP sites are annoying in the Finder, try right-clicking on a named pipe in the finder. It think's it's a socket to a server, so it tries to read from it... and hangs.
FIXED, FINALLY (or at least drastically improved): The "contacting latency" bug. This bug caused extreme latency when contacting sites that ought to be really fast. Have you ever timed out while connecting to localhost? How about when connecting to Slashdot?
I've set up a mirror for Broken Saints (of everything on the site that I could find except the forum) to help out with their "mounting bandwidth bills." It redirects to my computer, as I don't have the 400MB to store all that stuff on my account. Furthermore, if you want to set up a mirror to help out too, go to http://[my ip address]/bs/totalbs.tgz for a tarball of the whole thing.
My site (on my computer, currently 140.247.87.50) is pretty neat too, and I've set up a fun hitcounter script too, which logs things like code-red attacks as well.
Yep. And you could have gotten rid of the 555s and some of the stuff that supported them if you used all the clocks on your pic. I think I posted some code for this sort of thing in the original forum, which supports 8-bit color, pulsing, etc. Of course, the taplight, subds etc still bring you over 50 bucks.
...and in other news, Saddam Hussein has fled Iraq to become a Buddhist. Hearing that turkey guts can be turned into oil, W decided that there is no further purpose for a war in Iraq, and so has backed out of the country and given its smoking remains to France.
Since the recent outbreak of interest in the Ambient Orb, I took a moment to homebrew one using a PICchip.... and meanwhile, his homebrewed PICchip webserver was destroyed...
Slashdot Mirror
you think the vatican is a company?
It's 5. Not 2. 5. 5. Rats. 5.
Why must this be the fate of the good jokes? That and "the infidels are committing suicide at our firewall" were the best I'd heard in awhile, but now they're just old...
Quit ruining all the good jokes!
Yes. You're right. I actually do have some idea what I'm talking about though. Note the time that was posted (of course... what time is it now...). Sorry.
Cookies (TCP stack, not webserver, doh) should reduce the amount of memory required to deal with a SYN flood to the point where they might as well eat the bandwidth. You used to be able to take down a fairly large server with a smallish connection this way, doesn't work that way anymore.
Apache is a *decent* webserver (note that i said decent), and although you're right, it's not too scalable, the point is not to run it on some "big iron" server, but rather on a zillion cheap Linux boxen. Apache's inherent problems with many connections don't matter as much then.
CGI-based DOSes are often quite effective, but you have to find some important CGI that can't be taken down, and that costs a lot of CPU time, which can be hard.
In any case, the attackers can afford to be lazy. None of these tricks leverage the attack terrifically, so they might as well just collect n more zombies. It's not like one of those reflection attacks or something, where if you find a good UDP protocol to play with you can leverage you bandwidth 10-fold or more (Gamespy they said was hundredfold).
They really should do something more creative than just flooding them with traffic. How about a good syn flood, or hammering one of their CGI's.
SYN floods are so ten years ago. A decent webserver (say, Apache) should we able to handle it without too much trouble.
Hammering CGIs is more fun, but it's pretty easy to take down one CGI to save your network, especially if it's a mailto or something. Maybe requesting their homepage and all the attached images would do the trick, but this is just eating bandwidth again. It's tough these days to take a well-configured and monitored box off the net without eating its bandwidth.
Of course it is. NSA is a company. Company leaks secrets.
No. The NSA is a government agency. Government agencies hold secrets better than companies. The NSA in particular has kept a whole lot of crypto secret for a very long time. So while I doubt that they could break RSA at the keylengths used today, it's not impossible.
If this becomes popular, I can see the intelligence agencies having a fit.
Probably.
They might lose one of their best information feeds; the internet.
Maybe. The thing is that the intelligence agencies are plagued by too much data, and sniffing the internet doesn't help much. Maybe Carnivore is useful, but I think they probably are having trouble looking through all that.
f this sort of technology were to be rolled into the main distributions as well as Microsoft/Apple packages, the internet would then have a decent level of privacy.
Maybe. There's SSL for most sites where you would really care though. And traffic analysis would still be possible unless they encrypt the IP headers (ie, go to IPSec). And a lot of the privacy loss is when the database of Merchant X gets hacked / sold out to spammers, and all the encryption in the world will do very little against that. No, I take it back, anonymous digital cash and IPSec should do something.
... unless they know a *lot* more math than we do. Which IMHO is unlikely but certainly not impossible.
ls and dir have been used for ages both on servers and desktops.
They're talking about how old your version is, not the program itself. My ls isn't that old. I also added on the GNU color version, which is probably even newer but has no man page.
> man ls | tail -n 8
[n spaces removed, per lameness filter]
STANDARDS
The ls utility is expected to be a superset of the IEEE Std 1003.2 (``POSIX.2'') specification.
HISTORY
An ls utility appeared in Version 5 AT&T UNIX.
BSD July 29, 1994 BSD
Welcome to /., you must be new here. ...says user 531070. ...says user 552513 :-)
Everyone knows that Linux supports terrorists!
... you can only look at the top file :-)
No. Command-Option-Escape is more or less a GUI wrapper for killall (dunno if it's signal 15 or 1 though).
kill -9 is stabbing him in the eye first.
They didn't call this spam counterattack "bad" although it is certainly illegal. But it is an attack, and these guys are security geeks, so it's their job to investigate and propose countermeasures to things like this.
Vice-versa, I believe.
Great news! I had given up on Safari as of Friday due to the latency issue. I hope it works for me, too.
:-(
It's much better on my computer.
As for the scrollbug...is that the bug where only half the page scrolls sometimes, completely munging up the display? God I hate that...so I might have to stick with Chimerino for a little while longer?
No, it's where using the scroll wheel and moving the mouse at the same time, the page jumps around weirdly, sometimes scrolling backwards, sometimes forwards.
...so I can punt ftp onto something less nasty (you can use IE for this, bizarrely).
Heh. Why can't Apple just punt you to the command line? Not like you need fancy graphics to ftp.
Why can't Apple fix the kernel?
Multithreading the finder would be a *huge* task. One very much worth doing, but still a huge one. There are some other things they should do too, like rewrite it in Cocoa to take advantage of cocoa-y features and make the system UI more consistent (wrt text-dragging and the like). I wouldn't be too surprised to see the finder rewritten in Panther. Pleeeeeease let it be a free upgrade over Jaguar.... Pleeeeaaaaase....
And if you think that FTP sites are annoying in the Finder, try right-clicking on a named pipe in the finder. It think's it's a socket to a server, so it tries to read from it... and hangs.
FIXED, FINALLY (or at least drastically improved): The "contacting latency" bug. This bug caused extreme latency when contacting sites that ought to be really fast. Have you ever timed out while connecting to localhost? How about when connecting to Slashdot?
STILL THERE: That horrible scrollbug!
I don't know about the others, but The Adventures of Huckleberry Finn were so much against slavery that it would be amazing had they not banned it.
I've set up a mirror for Broken Saints (of everything on the site that I could find except the forum) to help out with their "mounting bandwidth bills." It redirects to my computer, as I don't have the 400MB to store all that stuff on my account. Furthermore, if you want to set up a mirror to help out too, go to http://[my ip address]/bs/totalbs.tgz for a tarball of the whole thing.
My site (on my computer, currently 140.247.87.50) is pretty neat too, and I've set up a fun hitcounter script too, which logs things like code-red attacks as well.
Please don't hack me.
Yep. And you could have gotten rid of the 555s and some of the stuff that supported them if you used all the clocks on your pic. I think I posted some code for this sort of thing in the original forum, which supports 8-bit color, pulsing, etc. Of course, the taplight, subds etc still bring you over 50 bucks.
...and in other news, Saddam Hussein has fled Iraq to become a Buddhist. Hearing that turkey guts can be turned into oil, W decided that there is no further purpose for a war in Iraq, and so has backed out of the country and given its smoking remains to France.
This update doesn't make you able to burn new media faster. It enables you to burn new media slower so that your drive doesn't catch on fire .
Just so you know.
Since the recent outbreak of interest in the Ambient Orb, I took a moment to homebrew one using a PICchip. ... and meanwhile, his homebrewed PICchip webserver was destroyed...