Well, slight correction: ThePirateBay appears as though it may be a tracker. The point is that it's mostly known for being an index site (so far as I know), and the two are not necessarily related.
That is an Energy Mech bot. It used to be the most common alternative to the Eggdrop bot, but it is not nearly as well known. Most experienced IRC users preferred Eggdrop for various reasons. Energy Mech had a reputation for being very resource intensive.
It's just a matter of philosophy. I used to be a "cracker" and a "DoS kid" on EFNet. I didn't use Windows machines (I also didn't need/use "DDoS" networks*). Most everyone on EFNet used Linux/UNIX machines with high bandwidth connections. Now, Windows nodes with cable modems seem to be a lot more popular. I think the kids on EFNet know a little bit about what they're doing, since I was one of them (but I was never as stupid as most of them seem to be). A few of them went on to become security experts, last I've heard of them. Many of them were idiots, however. But things have changed. It's a lot easier for "script kiddies" to do this kind of thing, and Windows is just a good, easy philosophical choice. It's a choice: do I want a few hosts with high bandwidth, or many hosts with relatively small bandwidth? They can both equal the same overall amount of transfer speed in the end. The Windows vector allows for an easier entrance into the "DoS" game, though. In fact, even for an experienced attacker, it might be a better choice, for the simple fact that this kind of attack will spread relatively easy. I have seen website forums for so called "h4X0rz" (read: retards) before, where they ask one another how to write an "on join" mIRC script to send an EXE backdoor to someone joining an IRC channel.
This is what I'm talking about. The entrance barrier is much lower, and the users of Windows are more likely be gullible enough to fall for these kinds of tricks. But don't fool yourself into thinking UNIX/Linux are somehow inherently "more secure," save for the fact that most distributions don't enable useless services by default any more. I have seen very large botnets involving BSD/Linux machines before too, and these are very devastating (e.g. the 8Gbps attack on eBay/CNN/Yahoo -- which was a stacheldraht net maintained by the "49ers" EFNet takeover group, if I recall). Some of these consisted of somewhere in the neighborhood of 5,000 machines. That was probably 6-7 years ago.
* Contrary to what the first article said, an attack from a single source is not necessarily 'easier to deal with' than a multi-sourced attack:
This is only true for weak attacks that aren't sufficient to kill the upstream. If the upstream router goes, it doesn't matter. You can't filter (which seems to be what they're implying by saying a single source attack is less effective) an attack when it's saturated the entire link.
And even if the attack is relatively weak, the single host may be able to spoof its source address. Randomized addresses would be even more difficult to filter. Of course, ratelimiting isn't out of the question, in either case.
Most times, botnets today are comprised of cable modems / DSL connections on Windows machines, which might get you 100KB/s upstream per node at the most (there are exceptions). Average is probably 256Kbps today. This doesn't result in a lot of bandwidth.
Of course, some of my friends back then did use DDoS networks, like stacheldraht, trinoo, and tfn2k. These were also used on high bandwidth servers, which could be a VERY big problem -- much different than the scenario of Windows machines on cable modems.
Personally, I would use about 10-15 machines to perform an attack at the most. A couple of machines had 100Mbps or fiber uplinks to OC-3s. I got just under 20MB/s for a couple of hosts in South Korea. I suspect these were on OC-3s. There was a large problem, back then, with networks in eastern Asian countries being notorious for their insecurity. Netscan.org, when it was around, largely consisted of incorrectly configured broadcast networks in Japan and South Korea, if I recall correctly. Smurf (as well as THC) was a fairly big attack then. I used it a few times, but, at others, I would just use stream or something else on a few single hosts. I don't really remember the program I used most. But I could reach about 500-800Mbps of bandwidth, and this was probably from 1998-2001, and maybe 2002.
This would probably be different now. The climate is
I'm not really sure I can rationalize that scenario. Something perfect, by definition, cannot become imperfect.
Sounds familiar, and remarkably on topic.
So, which is it? Are men created in the image of God, or are women?
That's a false dichotomy. Does "god" have to be a single entity? And, even if it does, couldn't it be both at once, since it is [allegedly] omnipotent?
He calls himself a wretch, which some modern, mainline denominations have edited out in the belief that traditional Christianity has too negative a view of mankind. If you're shopping around for a worldview that caters to ego, there are much better options than Christianity.
The monotheistic religions, in general, seem to be largely masochistic in nature, as far as humanity is concerned. We're born "sinners," we have to do god's bidding (or whatever), and, if we don't, we're sentenced to eternal damnation in a pit of fiery badness (Christianity). I don't think some interpretations of Islamic doctrine are any better (killing infidels and apostates), but, certainly, not all of them are the same. I don't pretend to know which are more accepted, but that's a large part of the problem. Which is right? You can make your religion support almost anything you want it to. Perhaps the original popularizers of the Abrahamic religions envisioned a future not unlike The Party in 1984. Wouldn't it be easy to control people if we could get them to hate themselves, and restrict their freedoms and ability to experience pleasure? I'm not saying that's the case. It just seemed like an interesting thought.
Certainly, though, Geocentrism seems a much more gratifying stroke of the [humanistic] ego than contemporary religious doctrine, insofar as I'm aware of it.
Slashdot, and a majority of its user base, just so happens to originate from the United States, however. So what's your beef? I hope you aren't one of those self-hating Americans. I'm not particularly proud with the place I was born, myself, since I could have, just as likely, been born elsewhere. In fact, I'm largely apathetic about my nationality.
Nevertheless, I'm a part of this society (insofar as I could be, sitting at home all day), and, in order to communicate with it, I must adopt its standards for that communication. The same argument could be made for conversing on Slashdot, as well. Of course, it isn't particularly important whether we put punctuation marks inside or outside of quotation marks to other, sentient human beings.
However, I do think we need an international language with rigidly defined syntax. It's part of being a Type I civilization, as Michio Kaku often says, and, in all likelihood, English will comprise our Type I language.
I'm impartial to what system we use for global cooperation (although, I'd have to spend quite a bit of time learning another language, were one to be adopted*), but that's the direction things seem to be going, and I really think it's a critical point that, for things like artificial intelligence and semantic computing (as well as the semantic web) to become more fully developed, our language should be very strict, like any other computing standard. You may disagree, however.
* Which is why English is the prime candidate for internationalization -- many people have already familiarized themselves with it, worldwide.
In a world where I made a mistake. Don't try to school me on spelling or grammar. You really don't want to go there, Mr. I put punctuation marks outside of quotes, start sentences with conjunctions, and use the chiefly British, informal "spelt."
And in what world is 1.544Mbyte/sec equivalent to 1,192Mbyte/sec?
You have no idea what you are talking about, and the only thing you've done is to just demonstrate that further.
1.544Mbps is nowhere near the same thing as 1.544MB/s, and neither is 1.192MB/s anywhere near the same thing as 1,192MB/s (and where you're getting that number, I do not know).
This doesn't require round robin DNS to work. The main proof of concept linked to by that page, actually, just creates a new A entry for unixtimestamp() . some_3_digit_value . domain.tld.
This entry points to the attacking webserver, and is given a very low TTL. Once DNS pinning is circumvented, the entry is changed. It doesn't have to have more than one A record.
An ethernet switch can also revert to broadcast mode (hub-like functionality) if flooded with ARP requests, overflowing its internal ARP cache.
And, as far as checksumming goes, it's worth noting that packets are summed differently with Fragment Free and Cut Through switching technologies, which, it's atleast somewhat possible, they could be using.
No. It took no more than 900 million years for life to arise on Earth. That is a very short time, relative to the Earth, the Solar System, the Galaxy, the Local Group, and the Universe.
# "Without us, there is no one to witness its infinite beauty"
This presupposes not just a human-centered concept of beauty, but that we, as humans, are the only beings capable of witnessing anything. Never mind that the author posits (point #1) that "nature" can "experience" tragedy; if nature can "experience tragedy", then why would nature need us to be able to experience beauty?
In this particular part of the article, the author was referring to the Earth, specifically, if I recall correctly. We are likely the only beings (and, by we, I mean all life forms on our home planet) to observe Earth for quite some time to come.
# "As the late astronomer and author Carl Sagan once said, "we are a way for the universe to know itself"
Just because Sagan said it, doesn't make it true. We are undoubtably here, and yet there is no proof that the universe "knows itself" today, except in quasi-religious and religious belief systems that posit a god or other supernatural being.
You have evidently not read much Sagan, or you haven't seen Cosmos. We are here. We see "the universe" (a small part of it, atleast). We are made of the things that the universe is made from. As he says, we're "star stuff." So, in that sense, the matter of the universe has assembled itself into something capable of sentience. The universe does know itself through us.
I know what FTTN means. I just don't understand why they're running ADSL over it versus some new DSL, or something different all together. I wasn't trying to compare it to fiber to the home, or what have you, though.
ifdown? isn't that some shitty red hat script? why not ifconfig eth0 down? or uh../etc/init.d/network stop ||/etc/rc.d/rc.inet1 stop || service network stop or what have you?
I'm not sure, but maybe ADSL isn't the same technology in Europe? You guys have E1s and E3s in some places, to our T1s and T3s. The G.992.1 and G.992.2 standards are ratified by the ITU, so it ought to be international, but I've heard about differences in other "broadband" technologies across the nations, before. My memory is pretty fuzzy, though.
I do remember that, a few years ago, the maximum ADSL rates were something along the lines of 8Mbps / 1Mbps in the states, but Westell started introducing 12Mbps or 14Mbps ADSL line cards in Japan, or something like that. Cable modems in DOCSIS 2 were around 27Mbps (downstream) with the lowest symbol rate (QAM 64 modulation), and around 38Mbps with the better modulation. You could be confusing this with ADSL, but maybe you aren't. Either way, I really don't see a reason why ADSL would be limited to a mere 7Mbps over any medium, outdated as it may be.
It'd be great if we could just move to ethernet (or ATM, or whatever) over these fiber links. I don't really see the ridiculous complexity and overhead of DSL as being necessary, and the speed potential is comparatively low.
Re:So what - we are all NAT'ed anyway?
on
Hardening Linux
·
· Score: 0
My router has a lot of configuration options which are not NAT. In fact there are lots of uses for routers than don't use NAT schemes. There are also many ways to use NAT without the network device actually being a physical box we usually call a "router".
Uh.. I know that, which is why I said what I did. NAT is the opposite of routing, in case you hadn't noticed. Perhaps you should take a networking course, or something like that.
In NAT, the gateway device rewrites the source IP address of all packets to some predetermined value (perhaps that of its external interface's address). In routing, it does not rewrite anything at all. In routing, it advertises its network to a neighbor, and, ideally, that neighbor has advertised some larger superset of a prefix to the greater internet before this occurs, so packets destined toward the host machine will traverse through the hypothetical router of which we are speaking. In this case, then, any host machine behind the router is capable of manipulate the bits of the node part of the IP address. This is not the case in NAT.
NAT, for the most part, is a masquerading exercise -- the opposite of a routed network.
What is your point? If everybody except you is retarded, then why don't you enlighten us?
Uh.. Because Slashdot is a horrible forum for discussion?
Why would anyone run ADSL over fiber, when it's a copper technology? Actually, why would anyone run ADSL at all, since it's a completely ancient DSL technology? You'd think if they were going to use DSL at all (which barely makes sense), they'd update to something more recent like ADSL 2 (which I know nothing about).
Finally, ADSL used to have a maximum of around 6 or 8 Mbps, but this has been extended (there are 12Mbps ADSL line cards, and possibly higher now, I think?). 6Mbps+ ADSL has been in wide use over copper for quite some time. Why, exactly, would there be such a low limit on DSL over fiber?
Slashdot Mirror
Well, slight correction: ThePirateBay appears as though it may be a tracker. The point is that it's mostly known for being an index site (so far as I know), and the two are not necessarily related.
ThePirateBay and TorrentSpy are not trackers. They are torrent search sites.
That is an Energy Mech bot. It used to be the most common alternative to the Eggdrop bot, but it is not nearly as well known. Most experienced IRC users preferred Eggdrop for various reasons. Energy Mech had a reputation for being very resource intensive.
It's just a matter of philosophy. I used to be a "cracker" and a "DoS kid" on EFNet. I didn't use Windows machines (I also didn't need/use "DDoS" networks*). Most everyone on EFNet used Linux/UNIX machines with high bandwidth connections. Now, Windows nodes with cable modems seem to be a lot more popular. I think the kids on EFNet know a little bit about what they're doing, since I was one of them (but I was never as stupid as most of them seem to be). A few of them went on to become security experts, last I've heard of them. Many of them were idiots, however. But things have changed. It's a lot easier for "script kiddies" to do this kind of thing, and Windows is just a good, easy philosophical choice. It's a choice: do I want a few hosts with high bandwidth, or many hosts with relatively small bandwidth? They can both equal the same overall amount of transfer speed in the end. The Windows vector allows for an easier entrance into the "DoS" game, though. In fact, even for an experienced attacker, it might be a better choice, for the simple fact that this kind of attack will spread relatively easy. I have seen website forums for so called "h4X0rz" (read: retards) before, where they ask one another how to write an "on join" mIRC script to send an EXE backdoor to someone joining an IRC channel.
This is what I'm talking about. The entrance barrier is much lower, and the users of Windows are more likely be gullible enough to fall for these kinds of tricks. But don't fool yourself into thinking UNIX/Linux are somehow inherently "more secure," save for the fact that most distributions don't enable useless services by default any more. I have seen very large botnets involving BSD/Linux machines before too, and these are very devastating (e.g. the 8Gbps attack on eBay/CNN/Yahoo -- which was a stacheldraht net maintained by the "49ers" EFNet takeover group, if I recall). Some of these consisted of somewhere in the neighborhood of 5,000 machines. That was probably 6-7 years ago.
* Contrary to what the first article said, an attack from a single source is not necessarily 'easier to deal with' than a multi-sourced attack:
This is only true for weak attacks that aren't sufficient to kill the upstream. If the upstream router goes, it doesn't matter. You can't filter (which seems to be what they're implying by saying a single source attack is less effective) an attack when it's saturated the entire link.
And even if the attack is relatively weak, the single host may be able to spoof its source address. Randomized addresses would be even more difficult to filter. Of course, ratelimiting isn't out of the question, in either case.
Most times, botnets today are comprised of cable modems / DSL connections on Windows machines, which might get you 100KB/s upstream per node at the most (there are exceptions). Average is probably 256Kbps today. This doesn't result in a lot of bandwidth. Of course, some of my friends back then did use DDoS networks, like stacheldraht, trinoo, and tfn2k. These were also used on high bandwidth servers, which could be a VERY big problem -- much different than the scenario of Windows machines on cable modems.
Personally, I would use about 10-15 machines to perform an attack at the most. A couple of machines had 100Mbps or fiber uplinks to OC-3s. I got just under 20MB/s for a couple of hosts in South Korea. I suspect these were on OC-3s. There was a large problem, back then, with networks in eastern Asian countries being notorious for their insecurity. Netscan.org, when it was around, largely consisted of incorrectly configured broadcast networks in Japan and South Korea, if I recall correctly. Smurf (as well as THC) was a fairly big attack then. I used it a few times, but, at others, I would just use stream or something else on a few single hosts. I don't really remember the program I used most. But I could reach about 500-800Mbps of bandwidth, and this was probably from 1998-2001, and maybe 2002.
This would probably be different now. The climate is
Neil Tyson - Stupid Design. I still laffzzz when say he aborted feces!!!11
Another interesting link: http://en.wikipedia.org/wiki/Unintelligent_design
I'm not really sure I can rationalize that scenario. Something perfect, by definition, cannot become imperfect. Sounds familiar, and remarkably on topic.
The monotheistic religions, in general, seem to be largely masochistic in nature, as far as humanity is concerned. We're born "sinners," we have to do god's bidding (or whatever), and, if we don't, we're sentenced to eternal damnation in a pit of fiery badness (Christianity). I don't think some interpretations of Islamic doctrine are any better (killing infidels and apostates), but, certainly, not all of them are the same. I don't pretend to know which are more accepted, but that's a large part of the problem. Which is right? You can make your religion support almost anything you want it to. Perhaps the original popularizers of the Abrahamic religions envisioned a future not unlike The Party in 1984. Wouldn't it be easy to control people if we could get them to hate themselves, and restrict their freedoms and ability to experience pleasure? I'm not saying that's the case. It just seemed like an interesting thought.
Certainly, though, Geocentrism seems a much more gratifying stroke of the [humanistic] ego than contemporary religious doctrine, insofar as I'm aware of it.
Slashdot, and a majority of its user base, just so happens to originate from the United States, however. So what's your beef? I hope you aren't one of those self-hating Americans. I'm not particularly proud with the place I was born, myself, since I could have, just as likely, been born elsewhere. In fact, I'm largely apathetic about my nationality.
Nevertheless, I'm a part of this society (insofar as I could be, sitting at home all day), and, in order to communicate with it, I must adopt its standards for that communication. The same argument could be made for conversing on Slashdot, as well. Of course, it isn't particularly important whether we put punctuation marks inside or outside of quotation marks to other, sentient human beings.
However, I do think we need an international language with rigidly defined syntax. It's part of being a Type I civilization, as Michio Kaku often says, and, in all likelihood, English will comprise our Type I language.
I'm impartial to what system we use for global cooperation (although, I'd have to spend quite a bit of time learning another language, were one to be adopted*), but that's the direction things seem to be going, and I really think it's a critical point that, for things like artificial intelligence and semantic computing (as well as the semantic web) to become more fully developed, our language should be very strict, like any other computing standard. You may disagree, however.
* Which is why English is the prime candidate for internationalization -- many people have already familiarized themselves with it, worldwide.
You have no idea what you are talking about, and the only thing you've done is to just demonstrate that further. 1.544Mbps is nowhere near the same thing as 1.544MB/s, and neither is 1.192MB/s anywhere near the same thing as 1,192MB/s (and where you're getting that number, I do not know).
You're only off by a factor of one thousand. That's better than NASA.
No, but maybe someone can give you direcitons to Tatooine.
And I wouldn't place a punctuation mark outside of quotes. Neither would I begin a sentence with a conjunction. Whoops.
In what world is a T1 equivelant in throughput to a 10Mbps ethernet?
Please learn what a megabit is.
1.56*10^13/299792458/3600 = 14.454444 (mIRC $calc)
or perl:
or google:
http://www.google.com/search?hl=en&q=15.6+billion
This doesn't require round robin DNS to work. The main proof of concept linked to by that page, actually, just creates a new A entry for unixtimestamp() . some_3_digit_value . domain.tld.
This entry points to the attacking webserver, and is given a very low TTL. Once DNS pinning is circumvented, the entry is changed. It doesn't have to have more than one A record.
Your substitute teacher was very forgetful.
An ethernet switch can also revert to broadcast mode (hub-like functionality) if flooded with ARP requests, overflowing its internal ARP cache.
c s-014410.htm
And, as far as checksumming goes, it's worth noting that packets are summed differently with Fragment Free and Cut Through switching technologies, which, it's atleast somewhat possible, they could be using.
Perhaps a better page here: http://www.intel.com/support/express/switches/sb/
No. It took no more than 900 million years for life to arise on Earth. That is a very short time, relative to the Earth, the Solar System, the Galaxy, the Local Group, and the Universe.
I know what FTTN means. I just don't understand why they're running ADSL over it versus some new DSL, or something different all together. I wasn't trying to compare it to fiber to the home, or what have you, though.
ifdown? isn't that some shitty red hat script? why not ifconfig eth0 down? or uh.. /etc/init.d/network stop || /etc/rc.d/rc.inet1 stop || service network stop or what have you?
I'm not sure, but maybe ADSL isn't the same technology in Europe? You guys have E1s and E3s in some places, to our T1s and T3s. The G.992.1 and G.992.2 standards are ratified by the ITU, so it ought to be international, but I've heard about differences in other "broadband" technologies across the nations, before. My memory is pretty fuzzy, though.
I do remember that, a few years ago, the maximum ADSL rates were something along the lines of 8Mbps / 1Mbps in the states, but Westell started introducing 12Mbps or 14Mbps ADSL line cards in Japan, or something like that. Cable modems in DOCSIS 2 were around 27Mbps (downstream) with the lowest symbol rate (QAM 64 modulation), and around 38Mbps with the better modulation. You could be confusing this with ADSL, but maybe you aren't. Either way, I really don't see a reason why ADSL would be limited to a mere 7Mbps over any medium, outdated as it may be.
It'd be great if we could just move to ethernet (or ATM, or whatever) over these fiber links. I don't really see the ridiculous complexity and overhead of DSL as being necessary, and the speed potential is comparatively low.
In NAT, the gateway device rewrites the source IP address of all packets to some predetermined value (perhaps that of its external interface's address). In routing, it does not rewrite anything at all. In routing, it advertises its network to a neighbor, and, ideally, that neighbor has advertised some larger superset of a prefix to the greater internet before this occurs, so packets destined toward the host machine will traverse through the hypothetical router of which we are speaking. In this case, then, any host machine behind the router is capable of manipulate the bits of the node part of the IP address. This is not the case in NAT.
NAT, for the most part, is a masquerading exercise -- the opposite of a routed network.
Uh.. Because Slashdot is a horrible forum for discussion?
Why would anyone run ADSL over fiber, when it's a copper technology? Actually, why would anyone run ADSL at all, since it's a completely ancient DSL technology? You'd think if they were going to use DSL at all (which barely makes sense), they'd update to something more recent like ADSL 2 (which I know nothing about). Finally, ADSL used to have a maximum of around 6 or 8 Mbps, but this has been extended (there are 12Mbps ADSL line cards, and possibly higher now, I think?). 6Mbps+ ADSL has been in wide use over copper for quite some time. Why, exactly, would there be such a low limit on DSL over fiber?