Re:Suggestion: Run security scans against it...
on
Take A Look At Solaris 10
·
· Score: 2, Insightful
Hmm, very interesting.
We installed SMTPd, and *shock horror*, the machine accepts connections on port 25!!
We installed fingerd, and *shock horror*, it works! What an insecure, buggy OS Solaris must be!
Many ports a listed as a vulnerability on the grounds that some old versions of these servers had vulnerabilities. Others are listed simply because they're open, and accepting connections as they should. What on Earth did you expect?
Say Nessus found no ports open whatsoever. What use do you think that box is going to be? Sure you'll think it's uber 1337 secure, because you can't connect to it, but in most Solaris installations, the ability to actually connect to the machine is actually of some use.
See below. While I'm not certain it's the truth, it shouldn't really be a matter of "who used it first". Imagine if things like PCI device ID's, ethernet MAC addresses etc. were available to the first person to use it.
In any case, it seems Sun have changed the partition ID they use to another one, which is good of 'em, even if they did "use it first".
Anything that is NOT a DOS partition table is certainly NOT bad or dumb. Like the 640k base RAM crap, the DOS partition table is just another hangover from a myopic design.
Get any of a Mac, Sparc or Indy. Things seem alien and peculiar at first, even unnecessary. Until about six months later when you realise all the troble that you've had on x86 boxes just can't be had on anything else.
Getting Solaris to run on an x86, when it's so used to running on real hardware, must have been quite a challenge. Thanks and well done, Sun. On behalf of my forebearers, I apologise for the existence of the x86.
Ah, thanks for pointing that out.
My comment earlier is redundant. In trying to protect myself as much as possible, I created the Solaris partition myself, with id 82 before even running the installer. Had I have known Sun have already picked up the ball and cleaned up the toys baby Linux threw out of its cot, I'd have let the Solaris installer go its own way.
Yes, I'm glad I foresaw this back before my first Sol x86 install. Given the quality of your average linux dist installer, I changed the partition id to something linux wouldn't recongnise, and in turn, spacker.
It's one thing I wish one of Solaris or Linux would change. i.e. choose a different value to identify their partition, maintain compatibility with the old one but proceed with caution, rather than just saying "82!? excellent!/sbin/mkswap/dev/xxxx"
Because your average schoolboy linux install script writer is bound to think "serves you right for running Solaris, you old git", I think the change would better come from Sun.
Not booted in Solaris ATM, so this is from memory, but I think the
disks
command created the necessary links in/dev for me, after which vold worked with my keyfobs every time.
That was what you do if you add disks to the system, and forget to do a "boot -r", or "touch/reconfigure; shutdown...".
Hope this works for you, I remember being stumped for just a few seconds after putting one of these keyfobs in before the disks command came back to me. While I don't run Solaris much these days, I still regard it as an excellent and mature OS.
Here everyone was, flinging shit on the Bush administration, talking about the military, governement assisted monopolies and corruption, and you come along, with your right-click->open in new tab "Why I read the f__ing article.
Well I hope you're happy. Do you think, if I wanted the facts, and headlines that were vaguely related to the article, I'd be on slashdot!?!
You should have your UID taken away. Everyone was enjoying themselves until you came along.
BTW the workaround for the rendering bug you encounter on/. is to increase the size of your text then decrease it again (Ctrl +, Ctrl -).
I dunno if it is a slashdot bug or not. It seems to me that if you can fix it with this workaround, then's it's a Mozilla bug (it does it there, too). Yes they definitely should use CSS, but since it's such an ugly site, it'll probably still look better in lynx.
1. Solaris doesn't like anything.
2. It will (on x86 at least) stomp on your Master Boot Record, but that's not hard to fix, especially if you're prepared for it.
What _sort_ of server? RAID? Nup.
High availability? Nup
Router? Probably not, unless you're going to use a combo of PCMCIA / USB eth adapters.
Database server? Nup.
File server? Check out prices of 120G laptop drives vs. 120G desktop drives. Nup.
Laptops are laptops, there were never intended to be servers, and run really poorly when tried to be used as such (in my experience, anyway).
Unless you just want a "server", and that's it. Sure it won't do anything, but you'll have a server!!
Not all closed source is bad. It's not like you hear of people running Solaris, Oracle and Forte getting owned every day.
no guarantees
If you buy it, I'm sure they'll guarantee and support it. This is a free trial, that you can use for an unlimited period of time
too many limitations
The limitations are clearly stated and simple: you can try it out, for as long as you like. 5 gigs is plenty to test an application on, one cpu is still enough to run a database on.
Some people actually do pay for their software. And I'm sure the same people will be more than happy to buy this DB if, after trying it out for FREE, find it satisfactory or better.
I can't believe how many whingeing morons I've seen tonight saying "Argh! no source!! ev1l!!" and "aww, only five gigs! stingy bastards, I won't be able to run my eCommerce site on _that!_"
Get real. There's plenty of free databases around that you can use, slashdot uses MySQL doesn't it? Piss off and use that.
You probably wouldn't know a real database from a hole in the ground and continue to be bewildered at why some corps spend $50k + on real databases for years to come.
Where I'm working, we use MS SQL Server an awful lot. And we write an awful lot of code that uses it. We don't spend any time reading source, or trying to find holes / improvements to it. We're too busy.
They're giving you the product for free, but you don't want it because you can't have the source.
It's not really feasible, never mind not an attractive idea.
You'd need some sort of external antenna, and a reasonable battery. I don't think people will stand for having their wetware upgraded in that manner for quite some time.
They'll more likely do it with cars, because you need them to get most places, or eftpos cards, that you'll have to use in taxis, on buses etc.
And anyway, you are never absolutely anonymous anyway. If you post as AC on/., it is by all means possible to determine at least where you are, unless you've simply obscured it by another layer and used an anonymous proxy.
All the same it is possible, you can only make it harder and harder.
I can't remember whether it's Phobos or Deimos that's only some 15km diameter. Not only is the gravity so weak that a man could leap himself into orbit, but surely due the the size of it, it won't be able to toss pebbles outward forever, there just isn't that much of it left.
Not that diameter is the right word, it's shaped like a pie crust. Then again, I might be talking about the wrong moon.
Slashdot Mirror
We installed SMTPd, and *shock horror*, the machine accepts connections on port 25!!
We installed fingerd, and *shock horror*, it works!
What an insecure, buggy OS Solaris must be!
Many ports a listed as a vulnerability on the grounds that some old versions of these servers had vulnerabilities. Others are listed simply because they're open, and accepting connections as they should. What on Earth did you expect?
Say Nessus found no ports open whatsoever. What use do you think that box is going to be? Sure you'll think it's uber 1337 secure, because you can't connect to it, but in most Solaris installations, the ability to actually connect to the machine is actually of some use.
In any case, it seems Sun have changed the partition ID they use to another one, which is good of 'em, even if they did "use it first".
Get any of a Mac, Sparc or Indy. Things seem alien and peculiar at first, even unnecessary. Until about six months later when you realise all the troble that you've had on x86 boxes just can't be had on anything else.
Getting Solaris to run on an x86, when it's so used to running on real hardware, must have been quite a challenge. Thanks and well done, Sun. On behalf of my forebearers, I apologise for the existence of the x86.
Thanks again, my friend.
It's one thing I wish one of Solaris or Linux would change. i.e. choose a different value to identify their partition, maintain compatibility with the old one but proceed with caution, rather than just saying "82!? excellent! /sbin/mkswap /dev/xxxx"
Because your average schoolboy linux install script writer is bound to think "serves you right for running Solaris, you old git", I think the change would better come from Sun.
That was what you do if you add disks to the system, and forget to do a "boot -r", or "touch /reconfigure; shutdown ...".
Hope this works for you, I remember being stumped for just a few seconds after putting one of these keyfobs in before the disks command came back to me. While I don't run Solaris much these days, I still regard it as an excellent and mature OS.
Well I hope you're happy. Do you think, if I wanted the facts, and headlines that were vaguely related to the article, I'd be on slashdot!?!
You should have your UID taken away. Everyone was enjoying themselves until you came along.
Ah. hah. ha haaa.
Understatement.
Yeah, but a reload takes much longer, doesn't it? I can reflow the text in a couple of seconds utually.
I dunno if it is a slashdot bug or not. It seems to me that if you can fix it with this workaround, then's it's a Mozilla bug (it does it there, too). Yes they definitely should use CSS, but since it's such an ugly site, it'll probably still look better in lynx.
Last time I recovered from a major, I was itching to get the details into my blog...
1. Solaris doesn't like anything.
2. It will (on x86 at least) stomp on your Master Boot Record, but that's not hard to fix, especially if you're prepared for it.
High availability? Nup
Router? Probably not, unless you're going to use a combo of PCMCIA / USB eth adapters.
Database server? Nup.
File server? Check out prices of 120G laptop drives vs. 120G desktop drives. Nup.
Laptops are laptops, there were never intended to be servers, and run really poorly when tried to be used as such (in my experience, anyway).
Unless you just want a "server", and that's it. Sure it won't do anything, but you'll have a server!!
Yes it does. If you are using XP, or a non-server OS then enterprise edition is what you need.
Gee, that cuts out most of the market then, don't it?
no guarantees
too many limitations
Some people actually do pay for their software. And I'm sure the same people will be more than happy to buy this DB if, after trying it out for FREE, find it satisfactory or better.
I can't believe how many whingeing morons I've seen tonight saying "Argh! no source!! ev1l!!" and "aww, only five gigs! stingy bastards, I won't be able to run my eCommerce site on _that!_"
Get real. There's plenty of free databases around that you can use, slashdot uses MySQL doesn't it? Piss off and use that.
You probably wouldn't know a real database from a hole in the ground and continue to be bewildered at why some corps spend $50k + on real databases for years to come.
Hey, you're right. They should, like, ship it with no database size limit!. They everybody could use it, Slashdot, large enterprises, even banks!
And nobody would have to buy it! How selfish of them to give away a database that wouldn't cut it in a large enterprise.
While MS SQL Server is not free, MSDE, the MS Database Engine is.
Where I'm working, we use MS SQL Server an awful lot. And we write an awful lot of code that uses it. We don't spend any time reading source, or trying to find holes / improvements to it. We're too busy.
They're giving you the product for free, but you don't want it because you can't have the source.
I'm sure they'll miss you.
People who just want a full featured database aren't really all that interested in the source.
No, it's a Dual Boot configuration.
...same as what you get for spoiling good jokes on /.
#ifndef REDUNDANT
In more ways than one.
You'd need some sort of external antenna, and a reasonable battery. I don't think people will stand for having their wetware upgraded in that manner for quite some time.
They'll more likely do it with cars, because you need them to get most places, or eftpos cards, that you'll have to use in taxis, on buses etc.
And anyway, you are never absolutely anonymous anyway. If you post as AC on /., it is by all means possible to determine at least where you are, unless you've simply obscured it by another layer and used an anonymous proxy.
All the same it is possible, you can only make it harder and harder.
Not that diameter is the right word, it's shaped like a pie crust. Then again, I might be talking about the wrong moon.