I have no reason to run out and buy a domain -- I don't have any reason to present a domain to the world.
The topic was about PTR records not domain names but, you gleefully offer up that you use your own personal mail system without even a domain name. You are one 1337 h4x0r. Are you using UUCP? Because I can't figure out how you are doing it with SMTP.
I can understand how you can send mail without a domain, although according to RFC 821 and its successor RFC 2821 you are required to enter a valid and resolvable domain at the helo/ehlo. But, the really big question is: How do you then receive email without a gateway or a domain? How do your buds send email to you? Do they enter to: 1337@65.31.97.241?
I'm not aware of ANY MUA or MTA that will accept an IP address in the To: field. If your response is going to be that, you set the Reply to: field to your Yahoo account, then you are the type of person who's mail I am intentionally trying to avoid.
Your server or network sits behind a cable modem so I will assume NAT is being used but, it doesn't matter.
Your server 10.0.0.3 or maybe multiple servers 10.0.0.3, 10.0.0.4, 10.0.0.5 are all NATted to 88.88.88.88, for arguments sake. Therefore you should have DNS records, on your ISP's DNS server, that read like this.
@ IN MX 10 mail.yourdomain.com mail IN A 88.88.88.88 www IN CANME mail. ftp IN CNAME mail.
That's completely wrongheaded. Mail should be delivered.
I gues that you are entitled to your opinion but, I feel that the action is correct. The fact is that this policy works very well for me. The mail does go through, eventually.
Here's how it works. A user tries to send a message to someone inside my company. The message fails, of course, because my mail server rejects the connection due to the lack of a PTR. After a few attempts the sender either calls their admin or the intended recipient, who then calls me. Either way, the admin and I talk. He/she says your mail server is broken. I say no, it isn't, yours is misconfigured. Try sending a message from your Yahoo account and you will find that it is delivered. He/she then says, so why can't I send any mails to your domain. I respond that it is because your DNS is misconfigured. Call your ISP and ask them to add a PTR record for your mail server and the mail will flow.
Sometimes there is question about this along the lines of; well why can I send to these other domains? I explain that some administrators are willing to accept mail from misconfigured systems because there are so many of them and it makes the administrator's life easier. I then say; Trust me, call your ISP. It only takes a couple of minutes and you will never have to deal with this problem again.
Typically, I get a thanks via email the next day. If they refuse to make the changes I point out to my user that they are receiving mail from everywhere else just fine and they can even send to this broken domain. Thus, our mail system is working correctly and the problem is at the far end. Done.
PTR records are not necessary. They are not required for the internet to work acceptably. But, PTR records do add considerable convenience to network operation and they are a part of the DNS standard specification so, they should be used.
The fact that mail systems that require PTR records before accepting mail significantly reduces spam is reason enough that PTR records should be required. I too experience a great deal of mail problems due to a lack of PTR records but, it is worth the effort to stick to this policy. If you don't have a PTR record, you can't send me mail!
How about making a cell phone that works reliably MAKING PHONE CALLS before trying to get TV on a 1 inch screen? I just want to make a call dammit, I don't need games, pictures, PDA, voice recognition or TV. I just want to make a call.
scientists who cracked SARS' genetic code credit the Internet
That's great. Now they know what it looks like. But, beyond that...... It seems to me that a great deal of effort is being placed on genetic squencing lately but, I haven't seen any advantages yet. They talk about using it for developing a vaccine or cure for the various diseases and I suppose that may happen in the future. Right now however, it seems that having a picture or genetic sequence of whatever virus isn't yielding much more than a poster for the wall. I can't help but wonder if time and effort wouldn't be better spent by these scientists concentrating on these diseases from more traditional angles.
Today, I answer your prayers.
on
Review of SuSE 8.2
·
· Score: 2, Informative
They call the Superstitial ads. They're very proud and excited about them. You can see them here.
Basically it looks like a full screen java script pop-up with flash content. Fortunately, Konqueror immediately complained about java script wanting to open a new window (I have it set to prompt), so it looks like these won't be much of a problem for the clueful user.
Still, the fact that a company is expending effort in the development of more intrusive advertising is reprehensible. Therefore....
You're kidding right??????
on
SSH or IPSec?
·
· Score: 1, Funny
Your company makes embedded firewalls? You MAKE firewalls? And you are asking Slashdot if SSH is better than IPSec?
Fortunately, the companies that I purchase firewall and VPN devices from know both of these protocols intimately. Some of them even had a hand in developing the protocols themselves. These companies also know what the pros and cons of each protocol are and which should be used in any give situation. I would expect nothing less from a company that MAKES firewall and VPN devices.
Agreed Deja/Google Groups are fantastic. But, there is a down side to it. The problem is that if everyone is simply using Google Groups and then going elsewhere, such as yourself, then no one is posting to the groups. That means that Usenet will soon become Uselessnet.
Granted, there are still many people who presently post but that number is definitely declining. The total number of posts is still maintained as spammers move to fill the void.
To try to maintain the value of Usenet I still regularly post to many groups but, I don't follow the groups. What I mean is that I post solutions to the problems I encounter and thereby use Usenet as a storage medium for my personal knowledgebase articles. The posts are as clear and detailed as possible and usually follow the following format:
Problem Summary: Brief by accurate and complete description of the problem. Think keywords and how you would have searched Usenet for the answer to the problem like error codes and specific error messages.
Mitigating details: Such as Hardware and configuration details that did or could have an impact on the actual problem. Software versions specific details about teh problem etc...
Solution: Detailed explanation of what you found the problem to be. Why the problem occured and referrences to relevant knowledge bases that deal with this specific problem. Finally, exactly what you did to fix the problem including snippets of config files etc...
The most important thing is to make the post as clear and detailed as possible without confusing the issue. Try to remember that you may encounter this problem again and that you may not remember what you were thinking when you posted the solution 3 years prior. Don't just say, if your system won't boot the fsck the drive. You may be using a toally different operating system in the future and may remember very little of Linux. Instead give detailed steps of the operation and include complete commands that were used. If everyone does this effectively then Usenet will remain an incredibly powerful resource for years to come.
If you are asking what Customer Relationship Management/Enterprise Resource Planning(CRM/ERP) apps can run on Linux then there is good news. First off there is SAP. There is also Oracle and probably a few others as well, I'm not sure about Seibel.
The bad news is that these applications are prohibitively expensive for Small to Medium Enterprises(SMEs). This becomes a greater problem with the fact that your desire for the application to be Open Source implies that you would prefer free software(wouldn't we all?).
There are a few Open Source projects that have been started to address this need but, they are very small and unlikely to be really helpful or useful in the near future. CRM/ERP apps are huge cantancerous beasts that require a tremendous amount of development effort. In fact, I'm not sure that development will ever end for this type of software.
Now, the really bad news is that our good friends at Microsoft have also seen an opportunity for CRM/ERP in the SME area and are making an effort to fill that void. Recent acquisitions including Great Plains, Solomon and Axapta show that they are aggressively moving into this market and the already have a product available.
This new M$ offering will certainly not be free, nor will it be cheap. But, it will be feature rich, powerful and just barely affordable to the SME market. Which all means, further lock-in to the borg.
I am starting to see a few manufacturers that are changing their means for configuring the devices. These vendors have responded to the cries if thier users, complaining that they don't like the fact that they have to use a boot floppy to configure the device.
The sad news is that the vendors' responses have been to switch from a DOS boot disk to either a bootable CD-ROM (not much of a difference in my mind) or a win32 utility, which REQUIRES you to have Windows installed in order to configure the device. This is EXTREMELY frustrating for non-Windows systems. Of these three choices, I much prefer having the DOS boot disk option.
To address your question though, I'm afraid that you will have to wait for a while. While it is certainly possible, from a technical stand-point to have a utility on a Linux boot floppy, most vendors do not offer configuration utilities that run under Linux. Until this changes there really isn't much point in a Linux bootable floppy/CD. The glimmer of hope is that as Linux becomes more widespread and is more generally accepted by the hardware vendors, they might begin to port their configuration utilities to Linux. At this point it will be trivial to use them from a Linux boot floppy.
At the same time though, the vendors are likely to take the attitude of; Why waste time porting the config utility? We can just use a DOS boot floppy.
I don't think I am the only one spending evenings and weekends playing around with yet another IDS.
Unfortunately, I suspect that we are among the few that do. Especially when you look at this and this.
I would say that you are definitely on the right track and that your network is probably more secure than most. Certainly more so than those that will respond to you here. The fact is that if you are in doubt, you should have an audit performed by a security expert. This person will review you policies, procedures and configurations and make appropriate recommendations. Additionally they will perform penetration testing both from inside and out and make subsequet recommendations.
As I said above, I think you are on the right track and would guess that you have taken all of the necessary steps, and are hearing the complaints from your user community. But, the only thing that I would add is that you should never become complacent. Test your security regularly and use multiple tools to do it, and always the latest versions. Don't rely soley on a Nessus or nmap scan to validate your security. Also, when testing, remember that it isn't just a matter of whether you get in or not, you should also make sure that the attempt is properly caught in the logs, regardless of the attempts success or failure.
Your question suggests an attitude of Linux is impervious to viruses. This thought is VERY common amongst Linux enthusiasts. However this thinking, that Linux is impervious to viruses, could very well be the biggest problem that Linux has ever seen.
The fact is that viruses come in many forms. The more common ones today are of the worm variety and they usually target Outlook because it is the most pervasive mail client out there. But, because Linux has not yet seen a powerful worm or virus does NOT mean that it is impervious to them.
As more and more functionality is added to Linux mail clients the risk of a worm increases. Further, the Linux community is starting to standardize on fewer clients. Right now it is likely that 90% of the Linux users are using one of three mail clients Kmail, Evolution, or Mozilla Mail. This means that there is an increasing number of users for each/any of these clients and as the number grows it increases the likelyhood that one will be targeted for a worm.
Another misconception is that Linux users are restricted to user space, meaning that a virus or worm would not have systemwide access(theoretically). But, plenty of damage could be done from user space alone.
Here is a worm concept that could do great damage to Linux: The worm would spread via email. It could be a complex ELF or a java script or even a BASH script. The subject would be something like "Hey I can't get this script to work, can you help me? What Linux junkie could pass that up? You know full well that most are likely to open it. Once opened it then runs mailing itself to all your Linux friends. It then deletes all your files; rm -rf * Sure this wouldn't hurt the system as a whole but, you would certainly be inconvenienced if you were to lose all your files, no? And all this from user space, no root required.
Now, I'm sure that there will be many responses to this post explaining why this couldn't possibly happen but, the fact is that it is only a matter of time before it does. Now think of how devastating it would be to Linux if the equivalent of Melissa or Slammer were to be unleased on all those systems NOT running antivirus software.
My point is that Linux users need to get beyond the thought that Linux is impervious to viruses and worms and they need to start using antivirus software. There are numerous ones available for Linux including packages from the big Windows antivirus vendors.
The comment was meant to be a parody / paraphrasing of SCO's thinking.
The fact of the matter is that SCO has already heard the feelings of the Slashdot "legions"; Here, here, here, here, here, here and several more. They know exactly where the Slashdot "legions", as you say, stand and yet they choose to continue to lie about their intentions and press on with litigation. SCO could NOT care less what the Slashdot crowd thinks.
One last note: Don't kid yourself! Slashdot users have a much higher opinion of themselves and their "power"(buying or political) than the rest of the world does. I think that this quote might be best "stop taking arrows from the Slashdot kiddies and their spiritual kin", it was made by ESR. You can read it for yourself here.
They are absolutely correct. I've been doing exactly this for some time. I use my IPaq to connect to a terminal server. Lotta scrolling but it gets the job done when I'm riding in the golf cart.
I also use VNC on the IPaq to manage a couple of other servers, access my desktop PC and to manage a growing number of Nortel BCM PBXes.
depends heavily on the complexity of the program--ever seen the FW1 GUI?
Yes, I do Firewall 1 quite often and it is more fuel for the fire. As someone who is very familiar with firewalls and works with many of them a CLI only firewall is an annoyance, to be sure.
Have you used Netscreen, SonicWall, Pix, Raptor, Guardian, IPTables etc? Working with Firewal 1 and a few other big names makes me rather well informed on firewalls and how they should be configured, IMHO. But, with the plethora of firewalls on the market it is likely that I/You will encounter a firewall that you have never touched before, possibly never heard of. Are you going to be a total loser, like the post above and tell them how their firewall sucks and that they should replace it with a $50,000US firewall of your choosing, when all they asked you to do was forward a port to a new server, or are you going to forward the port?
Chances are you are going to forward the port. Further chances are that since you haven't even heard of this brand of firewall before you will not know how to make that happen without a lot of effort researching and reading. Where as if it has a GUI interface you can quickly and easily forward the necessary port and verify the integrity of the configuration. That's because with the CLI the commands will be different. eg. nat add eth2:8888 192.168.1.15:80 or something completely different, it all depends on the firewall. You could waste time figuring out what command and syntax to use for that particular instance or, with a GUI tool, you could quickly forward the port because you already know what you need to do. Finding the different vocabulary that a particular vendor has chosen is infinitely easier with the GUI.
Now granted, if you were to be managing that particular box for any length of time, it would behoove you to learn the commands specific to that box. This would probably make managing it in the future quicker by use of the command line and there are probably scripts that you could write to automate common tasks. But, the GUI is still an important tool for management.
I would think that by now people would have gotten a clue about this but, obviously many still don't get it.
It has been proven repeatedly that a graphical interface is a very important, no essential, part of ease of use. Graphical administration tools make it easier to administer, whatever.
This does not mean that CLI based administration and conf files should be eliminated. To the contrary. For administrators who are familiar with a particular operation the CLI will always be faster but, what about the stuff that they are not as familiar with?
Let's look at a few examples. Let's say that you regularly administer your mail server. It uses Qmail and you have become a wizard capable of blasting out commands like a machine gun. That's great but, now let's suppose that you change jobs and the new mail server is Sendmail. You must admit that you will be less efficient and perhaps even totally lost when trying to administer this new system. You could do as most have to do, dig out the man pages and start reading. But, it will be a while before you can do even rudimentary tasks. Now if there were a graphical tool you could likely figure out what you need to do with a few clicks, after all you already know all about managing mail you are just unfamiliar with this new package. With the graphical tool your learning curve is reduced to near zero and you are immediately productive.
The same is true for almost any service as there are usually many different packages for any given service. It is very possible or even probable that sooner or later you will be presented with one that you are unfamiliar with. Suppose you are a consultant. You go from one network to the other several times in a day. One uses MySQL the next Oracle and the next PostgreSQL. Some use Postfix while others use Sendmail or Qmail. One uses Samba and the next uses NFS.
Now, of course there are going to be a few arrogant people that say that if you aren't intimately familiar with every aspect of a system you shouldn't be touching it but, the reality is that it is not possible to be intimately familiar with every aspect of every system and every package. Sooner or later you WILL encounter a package that you are clueless about and it will take hours/days/weeks for you to get up to speed on it. But, if it has a good graphical interface you can be productive immediately.
And this brings up another point. The graphical interfaces need to be first good and secondly, they need to be integrated or cohesive. Having a separate crappy interface for every app or service, while better than none at all, is not a lot better. There are many common services that should be managed from a single cohesive administration GUI. Good examples of this are Novell's NWAdmin or Console1(yuck!), Microsoft's MMC and to a lesser extent Linux's Webmin.
GUI's are good. But don't panic, I'm not saying you have to abandon the CLI.
Slashdot Mirror
I have no reason to run out and buy a domain -- I don't have any reason to present a domain to the world.
The topic was about PTR records not domain names but, you gleefully offer up that you use your own personal mail system without even a domain name. You are one 1337 h4x0r. Are you using UUCP? Because I can't figure out how you are doing it with SMTP.
I can understand how you can send mail without a domain, although according to RFC 821 and its successor RFC 2821 you are required to enter a valid and resolvable domain at the helo/ehlo. But, the really big question is: How do you then receive email without a gateway or a domain? How do your buds send email to you? Do they enter to: 1337@65.31.97.241?
I'm not aware of ANY MUA or MTA that will accept an IP address in the To: field. If your response is going to be that, you set the Reply to: field to your Yahoo account, then you are the type of person who's mail I am intentionally trying to avoid.
It most definitely works. Here's how.
Your server or network sits behind a cable modem so I will assume NAT is being used but, it doesn't matter.
Your server 10.0.0.3 or maybe multiple servers 10.0.0.3, 10.0.0.4, 10.0.0.5 are all NATted to 88.88.88.88, for arguments sake. Therefore you should have DNS records, on your ISP's DNS server, that read like this.
@ IN MX 10 mail.yourdomain.com
mail IN A 88.88.88.88
www IN CANME mail.
ftp IN CNAME mail.
88 IN PTR mail.
That's completely wrongheaded. Mail should be delivered.
I gues that you are entitled to your opinion but, I feel that the action is correct. The fact is that this policy works very well for me. The mail does go through, eventually.
Here's how it works. A user tries to send a message to someone inside my company. The message fails, of course, because my mail server rejects the connection due to the lack of a PTR. After a few attempts the sender either calls their admin or the intended recipient, who then calls me. Either way, the admin and I talk. He/she says your mail server is broken. I say no, it isn't, yours is misconfigured. Try sending a message from your Yahoo account and you will find that it is delivered. He/she then says, so why can't I send any mails to your domain. I respond that it is because your DNS is misconfigured. Call your ISP and ask them to add a PTR record for your mail server and the mail will flow.
Sometimes there is question about this along the lines of; well why can I send to these other domains? I explain that some administrators are willing to accept mail from misconfigured systems because there are so many of them and it makes the administrator's life easier. I then say; Trust me, call your ISP. It only takes a couple of minutes and you will never have to deal with this problem again.
Typically, I get a thanks via email the next day. If they refuse to make the changes I point out to my user that they are receiving mail from everywhere else just fine and they can even send to this broken domain. Thus, our mail system is working correctly and the problem is at the far end. Done.
PTR records are not necessary. They are not required for the internet to work acceptably. But, PTR records do add considerable convenience to network operation and they are a part of the DNS standard specification so, they should be used.
The fact that mail systems that require PTR records before accepting mail significantly reduces spam is reason enough that PTR records should be required. I too experience a great deal of mail problems due to a lack of PTR records but, it is worth the effort to stick to this policy. If you don't have a PTR record, you can't send me mail!
How about making a cell phone that works reliably MAKING PHONE CALLS before trying to get TV on a 1 inch screen? I just want to make a call dammit, I don't need games, pictures, PDA, voice recognition or TV. I just want to make a call.
Earlier Euginia tried to OS News Slashdot by linking to the Lindows article.
Is Slashdot now try to pay her back?
As far as the eComstation, I think it is as useful as running Linux on a C64.
First, everyone learns on QWERTY. Why? See reason two.
You are more likely to find a QWERTY attached to any particular PC or terminal than anything else. Switching back and forth is a pain.
Thirdly, unlike you, it seems, not everyone is a touch typist.
Hello World!!!
scientists who cracked SARS' genetic code credit the Internet
That's great. Now they know what it looks like. But, beyond that...... It seems to me that a great deal of effort is being placed on genetic squencing lately but, I haven't seen any advantages yet. They talk about using it for developing a vaccine or cure for the various diseases and I suppose that may happen in the future. Right now however, it seems that having a picture or genetic sequence of whatever virus isn't yielding much more than a poster for the wall. I can't help but wonder if time and effort wouldn't be better spent by these scientists concentrating on these diseases from more traditional angles.
Do you mean like this?
Behold, he is the Quizat Haderac
SourceForge is an obvious consideration for this but, before you put your project there, consider my recent musings about SourceForge and VA Software.
Is OSDN a cause for concern? Read this journal entry and see what you think.
They call the Superstitial ads. They're very proud and excited about them. You can see them here.
Basically it looks like a full screen java script pop-up with flash content. Fortunately, Konqueror immediately complained about java script wanting to open a new window (I have it set to prompt), so it looks like these won't be much of a problem for the clueful user.
Still, the fact that a company is expending effort in the development of more intrusive advertising is reprehensible. Therefore....
Slashdot them here
Your company makes embedded firewalls? You MAKE firewalls? And you are asking Slashdot if SSH is better than IPSec?
Fortunately, the companies that I purchase firewall and VPN devices from know both of these protocols intimately. Some of them even had a hand in developing the protocols themselves. These companies also know what the pros and cons of each protocol are and which should be used in any give situation. I would expect nothing less from a company that MAKES firewall and VPN devices.
Agreed Deja/Google Groups are fantastic. But, there is a down side to it. The problem is that if everyone is simply using Google Groups and then going elsewhere, such as yourself, then no one is posting to the groups. That means that Usenet will soon become Uselessnet.
Granted, there are still many people who presently post but that number is definitely declining. The total number of posts is still maintained as spammers move to fill the void.
To try to maintain the value of Usenet I still regularly post to many groups but, I don't follow the groups. What I mean is that I post solutions to the problems I encounter and thereby use Usenet as a storage medium for my personal knowledgebase articles. The posts are as clear and detailed as possible and usually follow the following format:
Problem Summary: Brief by accurate and complete description of the problem. Think keywords and how you would have searched Usenet for the answer to the problem like error codes and specific error messages.
Mitigating details: Such as Hardware and configuration details that did or could have an impact on the actual problem. Software versions specific details about teh problem etc...
Solution: Detailed explanation of what you found the problem to be. Why the problem occured and referrences to relevant knowledge bases that deal with this specific problem. Finally, exactly what you did to fix the problem including snippets of config files etc...
The most important thing is to make the post as clear and detailed as possible without confusing the issue. Try to remember that you may encounter this problem again and that you may not remember what you were thinking when you posted the solution 3 years prior. Don't just say, if your system won't boot the fsck the drive. You may be using a toally different operating system in the future and may remember very little of Linux. Instead give detailed steps of the operation and include complete commands that were used. If everyone does this effectively then Usenet will remain an incredibly powerful resource for years to come.
If you are asking what Customer Relationship Management/Enterprise Resource Planning(CRM/ERP) apps can run on Linux then there is good news. First off there is SAP. There is also Oracle and probably a few others as well, I'm not sure about Seibel.
The bad news is that these applications are prohibitively expensive for Small to Medium Enterprises(SMEs). This becomes a greater problem with the fact that your desire for the application to be Open Source implies that you would prefer free software(wouldn't we all?).
There are a few Open Source projects that have been started to address this need but, they are very small and unlikely to be really helpful or useful in the near future. CRM/ERP apps are huge cantancerous beasts that require a tremendous amount of development effort. In fact, I'm not sure that development will ever end for this type of software.
Now, the really bad news is that our good friends at Microsoft have also seen an opportunity for CRM/ERP in the SME area and are making an effort to fill that void. Recent acquisitions including Great Plains, Solomon and Axapta show that they are aggressively moving into this market and the already have a product available.
This new M$ offering will certainly not be free, nor will it be cheap. But, it will be feature rich, powerful and just barely affordable to the SME market. Which all means, further lock-in to the borg.
I am starting to see a few manufacturers that are changing their means for configuring the devices. These vendors have responded to the cries if thier users, complaining that they don't like the fact that they have to use a boot floppy to configure the device.
The sad news is that the vendors' responses have been to switch from a DOS boot disk to either a bootable CD-ROM (not much of a difference in my mind) or a win32 utility, which REQUIRES you to have Windows installed in order to configure the device. This is EXTREMELY frustrating for non-Windows systems. Of these three choices, I much prefer having the DOS boot disk option.
To address your question though, I'm afraid that you will have to wait for a while. While it is certainly possible, from a technical stand-point to have a utility on a Linux boot floppy, most vendors do not offer configuration utilities that run under Linux. Until this changes there really isn't much point in a Linux bootable floppy/CD. The glimmer of hope is that as Linux becomes more widespread and is more generally accepted by the hardware vendors, they might begin to port their configuration utilities to Linux. At this point it will be trivial to use them from a Linux boot floppy.
At the same time though, the vendors are likely to take the attitude of; Why waste time porting the config utility? We can just use a DOS boot floppy.
I don't think I am the only one spending evenings and weekends playing around with yet another IDS.
Unfortunately, I suspect that we are among the few that do. Especially when you look at this and this.
I would say that you are definitely on the right track and that your network is probably more secure than most. Certainly more so than those that will respond to you here. The fact is that if you are in doubt, you should have an audit performed by a security expert. This person will review you policies, procedures and configurations and make appropriate recommendations. Additionally they will perform penetration testing both from inside and out and make subsequet recommendations.
As I said above, I think you are on the right track and would guess that you have taken all of the necessary steps, and are hearing the complaints from your user community. But, the only thing that I would add is that you should never become complacent. Test your security regularly and use multiple tools to do it, and always the latest versions. Don't rely soley on a Nessus or nmap scan to validate your security. Also, when testing, remember that it isn't just a matter of whether you get in or not, you should also make sure that the attempt is properly caught in the logs, regardless of the attempts success or failure.
Your question suggests an attitude of Linux is impervious to viruses. This thought is VERY common amongst Linux enthusiasts. However this thinking, that Linux is impervious to viruses, could very well be the biggest problem that Linux has ever seen.
The fact is that viruses come in many forms. The more common ones today are of the worm variety and they usually target Outlook because it is the most pervasive mail client out there. But, because Linux has not yet seen a powerful worm or virus does NOT mean that it is impervious to them.
As more and more functionality is added to Linux mail clients the risk of a worm increases. Further, the Linux community is starting to standardize on fewer clients. Right now it is likely that 90% of the Linux users are using one of three mail clients Kmail, Evolution, or Mozilla Mail. This means that there is an increasing number of users for each/any of these clients and as the number grows it increases the likelyhood that one will be targeted for a worm.
Another misconception is that Linux users are restricted to user space, meaning that a virus or worm would not have systemwide access(theoretically). But, plenty of damage could be done from user space alone.
Here is a worm concept that could do great damage to Linux: The worm would spread via email. It could be a complex ELF or a java script or even a BASH script. The subject would be something like "Hey I can't get this script to work, can you help me? What Linux junkie could pass that up? You know full well that most are likely to open it. Once opened it then runs mailing itself to all your Linux friends. It then deletes all your files; rm -rf * Sure this wouldn't hurt the system as a whole but, you would certainly be inconvenienced if you were to lose all your files, no? And all this from user space, no root required.
Now, I'm sure that there will be many responses to this post explaining why this couldn't possibly happen but, the fact is that it is only a matter of time before it does. Now think of how devastating it would be to Linux if the equivalent of Melissa or Slammer were to be unleased on all those systems NOT running antivirus software.
My point is that Linux users need to get beyond the thought that Linux is impervious to viruses and worms and they need to start using antivirus software. There are numerous ones available for Linux including packages from the big Windows antivirus vendors.
You can run performance monitor, there is an uptime counter.
You can get uptime via SNMP
You can look at the event log and see when the server was started and figure it out manually.
You can use one of several third party utilities that make it as simple as typing 'uptime".
You can track and monitor your servers, maybe even good old fashioned pecil and paper.
The comment was meant to be a parody / paraphrasing of SCO's thinking.
The fact of the matter is that SCO has already heard the feelings of the Slashdot "legions"; Here, here, here, here, here, here and several more. They know exactly where the Slashdot "legions", as you say, stand and yet they choose to continue to lie about their intentions and press on with litigation. SCO could NOT care less what the Slashdot crowd thinks.
One last note: Don't kid yourself! Slashdot users have a much higher opinion of themselves and their "power"(buying or political) than the rest of the world does. I think that this quote might be best "stop taking arrows from the Slashdot kiddies and their spiritual kin", it was made by ESR. You can read it for yourself here.
Do I take all these companies for cold hard cash, and lots of it.......
or
Do I succumb to the pathetic demands of the Slashdot weenies, that don't actually BUY our products anyways?
Thinking, thinking, thinking, thinking............
They are absolutely correct. I've been doing exactly this for some time. I use my IPaq to connect to a terminal server. Lotta scrolling but it gets the job done when I'm riding in the golf cart.
I also use VNC on the IPaq to manage a couple of other servers, access my desktop PC and to manage a growing number of Nortel BCM PBXes.
Nothin new here folks.
depends heavily on the complexity of the program--ever seen the FW1 GUI?
Yes, I do Firewall 1 quite often and it is more fuel for the fire. As someone who is very familiar with firewalls and works with many of them a CLI only firewall is an annoyance, to be sure.
Have you used Netscreen, SonicWall, Pix, Raptor, Guardian, IPTables etc? Working with Firewal 1 and a few other big names makes me rather well informed on firewalls and how they should be configured, IMHO. But, with the plethora of firewalls on the market it is likely that I/You will encounter a firewall that you have never touched before, possibly never heard of. Are you going to be a total loser, like the post above and tell them how their firewall sucks and that they should replace it with a $50,000US firewall of your choosing, when all they asked you to do was forward a port to a new server, or are you going to forward the port?
Chances are you are going to forward the port. Further chances are that since you haven't even heard of this brand of firewall before you will not know how to make that happen without a lot of effort researching and reading. Where as if it has a GUI interface you can quickly and easily forward the necessary port and verify the integrity of the configuration. That's because with the CLI the commands will be different.
eg.
nat add eth2:8888 192.168.1.15:80
or something completely different, it all depends on the firewall. You could waste time figuring out what command and syntax to use for that particular instance or, with a GUI tool, you could quickly forward the port because you already know what you need to do. Finding the different vocabulary that a particular vendor has chosen is infinitely easier with the GUI.
Now granted, if you were to be managing that particular box for any length of time, it would behoove you to learn the commands specific to that box. This would probably make managing it in the future quicker by use of the command line and there are probably scripts that you could write to automate common tasks. But, the GUI is still an important tool for management.
I would think that by now people would have gotten a clue about this but, obviously many still don't get it.
It has been proven repeatedly that a graphical interface is a very important, no essential, part of ease of use. Graphical administration tools make it easier to administer, whatever.
This does not mean that CLI based administration and conf files should be eliminated. To the contrary. For administrators who are familiar with a particular operation the CLI will always be faster but, what about the stuff that they are not as familiar with?
Let's look at a few examples. Let's say that you regularly administer your mail server. It uses Qmail and you have become a wizard capable of blasting out commands like a machine gun. That's great but, now let's suppose that you change jobs and the new mail server is Sendmail. You must admit that you will be less efficient and perhaps even totally lost when trying to administer this new system. You could do as most have to do, dig out the man pages and start reading. But, it will be a while before you can do even rudimentary tasks. Now if there were a graphical tool you could likely figure out what you need to do with a few clicks, after all you already know all about managing mail you are just unfamiliar with this new package. With the graphical tool your learning curve is reduced to near zero and you are immediately productive.
The same is true for almost any service as there are usually many different packages for any given service. It is very possible or even probable that sooner or later you will be presented with one that you are unfamiliar with. Suppose you are a consultant. You go from one network to the other several times in a day. One uses MySQL the next Oracle and the next PostgreSQL. Some use Postfix while others use Sendmail or Qmail. One uses Samba and the next uses NFS.
Now, of course there are going to be a few arrogant people that say that if you aren't intimately familiar with every aspect of a system you shouldn't be touching it but, the reality is that it is not possible to be intimately familiar with every aspect of every system and every package. Sooner or later you WILL encounter a package that you are clueless about and it will take hours/days/weeks for you to get up to speed on it. But, if it has a good graphical interface you can be productive immediately.
And this brings up another point. The graphical interfaces need to be first good and secondly, they need to be integrated or cohesive. Having a separate crappy interface for every app or service, while better than none at all, is not a lot better. There are many common services that should be managed from a single cohesive administration GUI. Good examples of this are Novell's NWAdmin or Console1(yuck!), Microsoft's MMC and to a lesser extent Linux's Webmin.
GUI's are good. But don't panic, I'm not saying you have to abandon the CLI.