First, the incorrect part: it's blocking machines sending trojans, not worms. It would help if slashdot (and the rest of the world) could learn the distinction.
Second, this has been done with worms (not trojans, as in the article) for years, courtesy of DShield. They provide a recommended blacklist of the top 20 attacking IPs.
Re:Replace it with a key labelled [help]
on
Is Caps Lock Dead?
·
· Score: 1
I just miss the power button. Even so, apple's relocated it to the monitor (another thing PC makers should have done years ago), which in my mind is the 'proper' place for the system's power button.
Oh, yes. That way we can be forced to buy 1000 monitors for our 1000-node beowulf. Brilliant. Well, if you're a marketing droid. Otherwise it's a pretty stupid idea.
Personally, I'm still pissed that PCs went to the soft power switch. When I was a kid, off meant off! None of this "hold it in for 10 seconds and hope for the best" crap.
About 10 years ago I had a password where I typed an easy-to-remember non-word with my hands shifted on the keyboard. I actually went over a year without knowing what my password was, until one day I accidentally typed it at a login prompt.
My bank-card pin-number uses a different trick. I just used four consecutive digits of pi. The trick is that they're pretty far into the sequence. Oh, and I made a mistake when I set it, so it's actually wrong. Oops. Guess it's pretty random, then.;)
I'm a sysadmin by trade, and I think a nice way to do it would be to give them a broken system to diagnose and fix. Hardware or software. Whatever you have that needs fixed. It shows you how they handle the type of stuff you need handled. And, if you have enough applicants, you never have to hire anyone! Just have them fix your stuff for free!;)
Why not more? Because that's the largest a swap partition can be. Why not less? Because disk is cheap. It has little to do with the amount of ram in the machine either, because it's easy to add more ram, but a bit harder to repartition for more swap.
Here's a real-life example of why swap is useful. One machine I manage has a gig of ram. At the time of purchase, that seemed quite reasonable. But the users are working on a project that takes 2 gig of ram. So currently it's using a gig of the swap. Yes, that's bad, and I'll be adding a second gig to it in a few days (it's in the mail). But in the mean-time, that swap space is really handy. It means the users can get their work done! Think of the first 256M of swap as being for speed. If you're regularly using more than that, then it's time to order more ram. But it's nice to have the spare gig of ram for odd jobs, or while you're waiting to install it.
I'm no expert, but I think a lot of these arguments could be resolved if people took advantage of the ulimit constraints. If you can limit how much a program can get out of control, then there's no longer a concern for a single user sending the server into swap hell. One of my current projects is to figure out reasonable limits.
Um, no. It's k*x^-2 where x is the distance from the center. As others have figured out, that's for a point source in 3 dimensions. The power lines change it to k*x^-1 since they are (approximately) a line source.
Inverse square law means the electromagnetic fields given off by both of those will have dropped right down to negligible amounts over the 100-150meters.
Too bad the inverse square law doesn't apply for the high voltage power lines. It will just fall off as 1/r (where r is your distance from the lines), not 1/r^2. You're right about the cell phone tower, though.
Well, believe what you will. But my guess is that you haven't heard the fans they ship with their Xeon processors. The P4 fans are not nearly as loud.
On a related note, don't buy your case from Intel. They use a Delta 120mm fan, which is famous for being the loudest fan in production. (Sounds like a vacuum cleaner.) Once I replaced the rear 120mm fan, and the front 90mm fan, the two CPU fans became quite noticable. Replaced those, and now it sounds like a normal system.
I'm a sysadmin, not a kernel hacker, but this idea of having a microkernel sounds like a good one (from the standpoint of security/stability, which is all sysadmins care about). Which leads me to ask: why doesn't linux follow this design? What are the reasons against it?
I do something similar, where I give out email addresses of the form menscher+blah@uiuc to company Blah. That way I can track where it was harvested from. It's interesting to find which newsgroups spammers harvest addresses from, by using a different address for each newsgroup you post to.
But this has its downsides. I'm not in the spammer's databases only as menscher@uiuc.edu, but as menscher+blah@uiuc, menscher+foobar@uiuc, and menscher+measlemorp@uiuc. So I get duplicate spams sometimes.
Yes, exactly on schedule. Right. Did you not notice that their schedule was revised about 5 times along the way? I remember the release date being for May 3 at one point.
Or perhaps this was a subtle attempt at humor?
That said, I'm really looking forward to trying it out. It's a real mess trying to decide between RH9+legacy, FC1, FC2, RHEL, and WhiteBox. Oh, how I long for the simple days of RH9!
Port 5554 is also used by SGI's "Embedded Support Partner" on IRIX boxes. The easy way to tell which it is would be to connect and see if you get the 200 OK banner from sasser.
I know it's case insensitive in SMTP. But then the mailserver has to convert Menscher (or menscher) to a UID. If it's looking through the password file, and Menscher is near the top with UID 0 and menscher is much further down, how does it decide which to pick? I'm thinking it wouldn't be deterministic, or, if it is, that it'd always pick the first one it finds. Which is not what I'd want.
We make a contingency for emergencies, but I won't describe it here. Suffice to say that it's safe enough to use, analysed enough that it's not snake-oil, and inconvenient enough to stop sysadmins in a hurry from using it by default:)
If your contingency plan is so perfect, why are you afraid to describe it publicly?
That's because it's not supposed to be funny. It's a serious suggestion, from a real sysadmin. Unfortunately anything that doesn't involve PAM or CVS gets modded "Funny" on Slashdot.
(It's really difficult to know whether to be happy that my post got modded up, or pissed off that it was modded funny.)
naming convention here is to the same username with the first letter in upper case
Out of curiosity, does that play nice with sendmail? I'm trying to decide whether that's really cool because it allows mail sent to Menscher to reach me just as my normal menscher account would, or if it would suck because mail to menscher would maybe be hijacked by Menscher and dumped into/var/mail/root.
You imply that all admins have root on all machines, and that all machines are clustered in some way. If that is the case, you might already be using YP/NIS to distribute passwords. So just give each superuser an UID0 account on your NIS master (our convention is su$NAME), and that will be distributed. If you want to limit some of their access to certain machines that can be done....
In general, nobody should EVER type the root password, only their su$NAME password. That way, if it gets compromised (accidentally typed somewhere bad) you only have to change it in one place (NIS master) rather than on all machines.
All of this seems pretty obvious, so let me know if there's something unusual about your setup that makes this unworkable.
Sleeping worked for me, but got the clock all screwy. So I gave up on that, and now have it set to UNDERclock the cpu down to 12% of its regular speed. Should save on battery, and it has the advantage if still being accessible (though a little slow) for remote users, if any.
Of course, this doesn't shut everything down, so it wouldn't be appropriate to put your laptop in its bag and take it to work like this.
It's great to save your junk mail in a folder, cause then you can grep for (800) numbers. Here are a few from the past week:
1-800-KaBloom
1-800-884-9510
The first seems to want to sell flowers. You have to press 1 or 2 to talk to someone, so configure that into your modem dial scripts (a comma will add a pause in the dial sequence, so put in enough to let them answer before autodialing the extension).
The second is trying to sell computers, and a human answers right away.
I chatted with the people at both ends, and they were quite friendly. They said I'd have to ask customer service if I wanted to get my questions answered about how profitable their spamming was. Unfortunately customer service has already gone home for the day.
Slashdot Mirror
I do the same thing. The very last line of my resume indicates that I'm a couple months away from a PhD in Physics. No sense scaring them away early.
This came after NCSA told me I was overqualified. Course, it was just a help-desk position. ;)
Second, this has been done with worms (not trojans, as in the article) for years, courtesy of DShield. They provide a recommended blacklist of the top 20 attacking IPs.
Oh, yes. That way we can be forced to buy 1000 monitors for our 1000-node beowulf. Brilliant. Well, if you're a marketing droid. Otherwise it's a pretty stupid idea.
Personally, I'm still pissed that PCs went to the soft power switch. When I was a kid, off meant off! None of this "hold it in for 10 seconds and hope for the best" crap.
My bank-card pin-number uses a different trick. I just used four consecutive digits of pi. The trick is that they're pretty far into the sequence. Oh, and I made a mistake when I set it, so it's actually wrong. Oops. Guess it's pretty random, then. ;)
What if you're decapitated? Then where will your data be?
I'm a sysadmin by trade, and I think a nice way to do it would be to give them a broken system to diagnose and fix. Hardware or software. Whatever you have that needs fixed. It shows you how they handle the type of stuff you need handled. And, if you have enough applicants, you never have to hire anyone! Just have them fix your stuff for free! ;)
Here's a real-life example of why swap is useful. One machine I manage has a gig of ram. At the time of purchase, that seemed quite reasonable. But the users are working on a project that takes 2 gig of ram. So currently it's using a gig of the swap. Yes, that's bad, and I'll be adding a second gig to it in a few days (it's in the mail). But in the mean-time, that swap space is really handy. It means the users can get their work done! Think of the first 256M of swap as being for speed. If you're regularly using more than that, then it's time to order more ram. But it's nice to have the spare gig of ram for odd jobs, or while you're waiting to install it.
I'm no expert, but I think a lot of these arguments could be resolved if people took advantage of the ulimit constraints. If you can limit how much a program can get out of control, then there's no longer a concern for a single user sending the server into swap hell. One of my current projects is to figure out reasonable limits.
Um, no. It's k*x^-2 where x is the distance from the center. As others have figured out, that's for a point source in 3 dimensions. The power lines change it to k*x^-1 since they are (approximately) a line source.
Too bad the inverse square law doesn't apply for the high voltage power lines. It will just fall off as 1/r (where r is your distance from the lines), not 1/r^2. You're right about the cell phone tower, though.
Oh, and yes, IAAP (I am a physicist.)
On a related note, don't buy your case from Intel. They use a Delta 120mm fan, which is famous for being the loudest fan in production. (Sounds like a vacuum cleaner.) Once I replaced the rear 120mm fan, and the front 90mm fan, the two CPU fans became quite noticable. Replaced those, and now it sounds like a normal system.
You obviously haven't heard them. They're loud. Much nicer to replace them with a Vantec stealth fan or somesuch.
http://www.google.com/
I can't seem to find this in the article. Is that just random crap thrown in to discredit Brown, or did I miss something?
I'm a sysadmin, not a kernel hacker, but this idea of having a microkernel sounds like a good one (from the standpoint of security/stability, which is all sysadmins care about). Which leads me to ask: why doesn't linux follow this design? What are the reasons against it?
But this has its downsides. I'm not in the spammer's databases only as menscher@uiuc.edu, but as menscher+blah@uiuc, menscher+foobar@uiuc, and menscher+measlemorp@uiuc. So I get duplicate spams sometimes.
Yes, exactly on schedule. Right. Did you not notice that their schedule was revised about 5 times along the way? I remember the release date being for May 3 at one point.
Or perhaps this was a subtle attempt at humor?
That said, I'm really looking forward to trying it out. It's a real mess trying to decide between RH9+legacy, FC1, FC2, RHEL, and WhiteBox. Oh, how I long for the simple days of RH9!
Port 5554 is also used by SGI's "Embedded Support Partner" on IRIX boxes. The easy way to tell which it is would be to connect and see if you get the 200 OK banner from sasser.
Have you actually tried this? With which MTA?
If your contingency plan is so perfect, why are you afraid to describe it publicly?
(It's really difficult to know whether to be happy that my post got modded up, or pissed off that it was modded funny.)
Out of curiosity, does that play nice with sendmail? I'm trying to decide whether that's really cool because it allows mail sent to Menscher to reach me just as my normal menscher account would, or if it would suck because mail to menscher would maybe be hijacked by Menscher and dumped into /var/mail/root.
In general, nobody should EVER type the root password, only their su$NAME password. That way, if it gets compromised (accidentally typed somewhere bad) you only have to change it in one place (NIS master) rather than on all machines.
All of this seems pretty obvious, so let me know if there's something unusual about your setup that makes this unworkable.
Of course, this doesn't shut everything down, so it wouldn't be appropriate to put your laptop in its bag and take it to work like this.
1-800-KaBloom
1-800-884-9510
The first seems to want to sell flowers. You have to press 1 or 2 to talk to someone, so configure that into your modem dial scripts (a comma will add a pause in the dial sequence, so put in enough to let them answer before autodialing the extension).
The second is trying to sell computers, and a human answers right away.
I chatted with the people at both ends, and they were quite friendly. They said I'd have to ask customer service if I wanted to get my questions answered about how profitable their spamming was. Unfortunately customer service has already gone home for the day.
Have fun!
I thought Baystar wanted out? Why would they be buying more stock? Anyone else confused? Or am I missing something obvious?