OK, so my software isn't licensed. You wanna know how this could be fixed? Let us buy some licenses! If I have legally purchased DVD Hardware (DVD-ROM) and a DVD, but my DVD playing software isn't licensed, why can't I purchase a license as an end user? I wouldn't mind sending $5 or whatever they would have gotten from MS/Apple for my other OS purchase, but at least allow me to pay to be legit.
My recommendation would be to contact the local Ham clubs in the areas you plan to frequent. You may find that there are a number of repeaters in the area you are going to be in. http://www.arrl.org/find-a-club
I would encourage you to become a Ham, I have enjoyed the hobby for the last 8 years. Most Hams worth their radios would gladly sit down and have a conversation with you about whether or not becoming a Ham and getting a radio up in those mountains is worth your time.
You can still do a lot with 5 Watts of power on VHF.
Yes, firewalls are only a first-line-of-defense tool. Making the assumption that a firewall is an end-all-be-all solution is not a good practice. You do need to have a network perimeter to filter out a large factor of attacks, internal borders to mitigate internal problems, and desktop/server security to protect you from your users.
That is why we have firewalls, content filters, network access control devices, intrusion prevention systems, and desktop products (like Cisco Security Agent).
You can't get your whole network security from a single solution and not necessarily a single vendor.
I can't think of a single reason why knowing what the rules do precludes using a GUI tool to simplify and automate management.
Manually editing text is time-consuming, fatiguing and error prone. Have a tool to automate that sort of thing is one of the fundamental reasons for having computers in the first place.
Fair enough. It might have been presumptuous of me to assume that a gui based "drag 'n drop" system would lead to someone creating policies and applying them before checking to see how they are applied and what the end-effect would be. A lot of time when someone is looking for a GUI system of that nature, they are looking for a way to not spend money on a security professional, but instead let a person with minimal training manage these devices.
Any tool is only as useful as the person using it. If you have your janitor programming your firewall because it happens to sit in his closet, then you probably have bigger problems on your hands anyway.
I'll admit, in my office, we script the heck out of a lot of configurations, but that doesn't mean we fire and forget. We still have to look at the end result and see how this stuff is going to fly before we apply it.
Yes, find someone who knows something about networking and more importantly about firewalls Try someone who has a CCSP or CCIE:Security as part of their title. Some of the things you are talking about have existed for years on Cisco Pix and ASAs like downloadable ACLs (Where based on your credentials you get firewalled differently) which can be applied across a whole enterprise of firewalls. Dynamic inspection of traffic, like h.323 traffic, so you don't have to open a whole range of ports other than the signalling port.
Dear lord, gui based management of a fleet of firewalls? You want to drag and drop things and make magic happen when you do that? Sounds pretty reckless and dangerous to me. That's like saying because you can ride a bicycle, you should be allowed to drive a hazmat semi at top speed through downtown LA. If you don't understand what the rules are and how they will be applied in the first place, you are likely just going to cause problems (like accidentally shutting off your company's ability to sell their trinkets online because you locked it down on accident.)
By the way, I don't care what the kid from the nerd herd tells you, Belkin and Linksys do not sell firewalls. They sell quasi-routers with nat and some limited form of access control. Finally, UPnP is not the answer to your problem, that just makes it easy for people to put devices on your network to open security holes up in your firewall, which is why it's not supported on most enterprise grade firewalls (and wouldn't work anyway if you looked at the way most enterprises build their networks)
Between the time of the article submission and first post, a new generation gap has been created between the iGeneration and the WhatEverTheHeckWe'llCallThemNext Generation.
I'm dead serious. If you are on production stuff and you screw it up remotely, you can at least tell it to reload and pull it's old config. You have some downtime, but it's better than the downtime you'd experience if you had to drive out there.
Therefore, if they have a 20-Gbps link to your house, but they offer 7-Mbps of open bandwidth, with 13-Mpbs reserved for their own downloadable movies, they can only advertise 7-Mpbs service.
Makes sense to me... Can anybody poke any logical holes in this (other than "Cable sucks, let's screw them")?
This just makes me that much more afraid of the sandwich I found in my hotel room fridge this morning. I've been here two days and I didn't put it there.
I dunno, lots of rotting stuff can make ammonia... of course, if the cleaning chemicals used happened to be ammonia and bleach, the person shouldn't be allowed to clean ever again. Ammonia and bleach will combine to give off chlorine gas, which will make a person expel their breakfast, amongst other problems.
Although I don't disagree with the idea that a large driving force behind Windows is the gaming market, there is also a sore lacking for Open Source adoption in the business world too. We even see this in MS's adoption of ODF 1.1 http://slashdot.org/article.pl?sid=09/05/04/1246249 While technically "compliant" it functionally is not.
Open Office isn't 100% compatible (as in exact conversion) with MS Office. It's darn close, but not exact.
As a network engineer, I have yet to find a solid compatible replacement for Visio as well. My customers don't want a PDF or non-visio compatible document, they want something that will open in Visio every time.
The defacto standards are just too well rooted still and will be until there is full interoperability between these apps.
When that changes, I think we'll start to see a stronger shift to Open Source apps and maybe even Linux.
It's one more programmer than most companies dedicate to the two operating systems. I think it's great that they are doing it, even if it isn't a whole team working on it.
Now if only we could get other game developers to do the same (Valve? Blizzard? etc etc etc) It'd be nice to see Tux and an Apple chilling out next to the Windows logo on these games. In theory, it should open up the game's market share. If nothing else, give them a better reputation amongst gamers.
Not only does it run in half duplex, but it can ONLY run in half duplex. No two hosts can transmit at once on the same frequency. EVER. The only way potentially get around this would be to use multiple non-overlapping frequencies, one for transmit and one for receive for each host. When I say the same frequency, it doesn't matter if you are using frequency hopping (shell game), you can't be using the same frequency as someone else transmitting at the same time.
Wireless is a technology of convenience, not a replacement for wired networks.
There is one key piece of valuable information missing from these stats: Attack type against OS/Web Server. So what if 300 some attacks were via cracked passwords. Were they all on Linux? where they all on Windows?
It's like saying that 99% of people are murderers, but failing to explain that you only included a 2 year old and everyone else was on death row in your statistic.
I kind of feel that it was irresponsible to publish these statistics without publishing more information.
(I'll gladly retract that comment if someone can produce the desired information of course)
I'm always very fond of Linux because it seems to provide better raw access to system devices (serial and usb ports etc)
However, the ultimate question comes down to this: does the gear you have to interface with already have some kind of driver developed for it, or do you have to write the interface to those as well?
If its all serial, I would go with Linux. If it requires a driver and a Linux driver is available, I would still go with Linux.
We don't have much to go on here. I've seen people turn Linux boxes into coffee machines on crack (I think there is a man page out there somewhere) and other home automation systems that basically just use relays and a few other custom made components. Give us more details on your specific equipment and maybe you'll get better answers.
Correct me if I'm wrong (and I probably am) but if the Vista client will only accept a broadcast response, doesn't that mean that a DHCP relay agent would break this ability? When a network is broken into smaller networks (like vlans) it is common to use one DHCP server and have the switches/routers forward the DHCP request as a unicast to the DHCP server. The DHCP server gives a unicast response back to the switch which then forwards it to the client (all unicast).
So, when people say that Microsoft broke the standard, they did and they didn't. The broadcast bit is in the RFC (Duh), but by using it, you can make your DHCP request incompatible with some networks. For the broadcast flag to work, not only would the DHCP server need to support it, but also the DHCP relay agent.
All those Cisco people that don't know what an RFC is will know this as "ip helper-address"
Slashdot Mirror
OK, so my software isn't licensed. You wanna know how this could be fixed? Let us buy some licenses! If I have legally purchased DVD Hardware (DVD-ROM) and a DVD, but my DVD playing software isn't licensed, why can't I purchase a license as an end user? I wouldn't mind sending $5 or whatever they would have gotten from MS/Apple for my other OS purchase, but at least allow me to pay to be legit.
Well, if the bank is 20 miles away, we can safely assume that the cost to drive the money to the bank is $3.58...
On a similar note, you can purchase the ARRL Repeater directory for about $10, I keep a copy in my truck, but it fits real good in a backpack pocket too. It has almost all the repeaters in the US and Canada.
http://www.arrl.org/shop/The-ARRL-Repeater-Directory-2010-2011-Pocket-sized/
My recommendation would be to contact the local Ham clubs in the areas you plan to frequent. You may find that there are a number of repeaters in the area you are going to be in.
http://www.arrl.org/find-a-club
I would encourage you to become a Ham, I have enjoyed the hobby for the last 8 years. Most Hams worth their radios would gladly sit down and have a conversation with you about whether or not becoming a Ham and getting a radio up in those mountains is worth your time.
You can still do a lot with 5 Watts of power on VHF.
KD7PUA
Yes, firewalls are only a first-line-of-defense tool. Making the assumption that a firewall is an end-all-be-all solution is not a good practice. You do need to have a network perimeter to filter out a large factor of attacks, internal borders to mitigate internal problems, and desktop/server security to protect you from your users.
That is why we have firewalls, content filters, network access control devices, intrusion prevention systems, and desktop products (like Cisco Security Agent).
You can't get your whole network security from a single solution and not necessarily a single vendor.
I can't think of a single reason why knowing what the rules do precludes using a GUI tool to simplify and automate management.
Manually editing text is time-consuming, fatiguing and error prone. Have a tool to automate that sort of thing is one of the fundamental reasons for having computers in the first place.
Fair enough. It might have been presumptuous of me to assume that a gui based "drag 'n drop" system would lead to someone creating policies and applying them before checking to see how they are applied and what the end-effect would be. A lot of time when someone is looking for a GUI system of that nature, they are looking for a way to not spend money on a security professional, but instead let a person with minimal training manage these devices.
Any tool is only as useful as the person using it. If you have your janitor programming your firewall because it happens to sit in his closet, then you probably have bigger problems on your hands anyway.
I'll admit, in my office, we script the heck out of a lot of configurations, but that doesn't mean we fire and forget. We still have to look at the end result and see how this stuff is going to fly before we apply it.
Yes, find someone who knows something about networking and more importantly about firewalls Try someone who has a CCSP or CCIE:Security as part of their title. Some of the things you are talking about have existed for years on Cisco Pix and ASAs like downloadable ACLs (Where based on your credentials you get firewalled differently) which can be applied across a whole enterprise of firewalls. Dynamic inspection of traffic, like h.323 traffic, so you don't have to open a whole range of ports other than the signalling port.
Dear lord, gui based management of a fleet of firewalls? You want to drag and drop things and make magic happen when you do that? Sounds pretty reckless and dangerous to me. That's like saying because you can ride a bicycle, you should be allowed to drive a hazmat semi at top speed through downtown LA. If you don't understand what the rules are and how they will be applied in the first place, you are likely just going to cause problems (like accidentally shutting off your company's ability to sell their trinkets online because you locked it down on accident.)
By the way, I don't care what the kid from the nerd herd tells you, Belkin and Linksys do not sell firewalls. They sell quasi-routers with nat and some limited form of access control. Finally, UPnP is not the answer to your problem, that just makes it easy for people to put devices on your network to open security holes up in your firewall, which is why it's not supported on most enterprise grade firewalls (and wouldn't work anyway if you looked at the way most enterprises build their networks)
Phillip J. Fry: "Huh. Did everything just taste purple for a second?"
Yes, yes it did.
"I'm afraid this automobile thing will devalue the horse, so we should outlaw it"
Between the time of the article submission and first post, a new generation gap has been created between the iGeneration and the WhatEverTheHeckWe'llCallThemNext Generation.
Shoot, there went another one.
reload in 5
I'm dead serious. If you are on production stuff and you screw it up remotely, you can at least tell it to reload and pull it's old config. You have some downtime, but it's better than the downtime you'd experience if you had to drive out there.
Therefore, if they have a 20-Gbps link to your house, but they offer 7-Mbps of open bandwidth, with 13-Mpbs reserved for their own downloadable movies, they can only advertise 7-Mpbs service.
Makes sense to me... Can anybody poke any logical holes in this (other than "Cable sucks, let's screw them")?
For one thing, 7 Mbps + 13 Mbps is not 20 Gbps
Failed to mention 19+ Gbps for neighbor-net ;)
Wait, I thought that we stayed still and the mountains moved through US!?!? I need to take that quantum mechanics course...
This just makes me that much more afraid of the sandwich I found in my hotel room fridge this morning. I've been here two days and I didn't put it there.
I dunno, lots of rotting stuff can make ammonia... of course, if the cleaning chemicals used happened to be ammonia and bleach, the person shouldn't be allowed to clean ever again. Ammonia and bleach will combine to give off chlorine gas, which will make a person expel their breakfast, amongst other problems.
Although I don't disagree with the idea that a large driving force behind Windows is the gaming market, there is also a sore lacking for Open Source adoption in the business world too. We even see this in MS's adoption of ODF 1.1 http://slashdot.org/article.pl?sid=09/05/04/1246249 While technically "compliant" it functionally is not.
Open Office isn't 100% compatible (as in exact conversion) with MS Office. It's darn close, but not exact.
As a network engineer, I have yet to find a solid compatible replacement for Visio as well. My customers don't want a PDF or non-visio compatible document, they want something that will open in Visio every time.
The defacto standards are just too well rooted still and will be until there is full interoperability between these apps.
When that changes, I think we'll start to see a stronger shift to Open Source apps and maybe even Linux.
It's one more programmer than most companies dedicate to the two operating systems. I think it's great that they are doing it, even if it isn't a whole team working on it.
Now if only we could get other game developers to do the same (Valve? Blizzard? etc etc etc) It'd be nice to see Tux and an Apple chilling out next to the Windows logo on these games. In theory, it should open up the game's market share. If nothing else, give them a better reputation amongst gamers.
Not only does it run in half duplex, but it can ONLY run in half duplex. No two hosts can transmit at once on the same frequency. EVER. The only way potentially get around this would be to use multiple non-overlapping frequencies, one for transmit and one for receive for each host. When I say the same frequency, it doesn't matter if you are using frequency hopping (shell game), you can't be using the same frequency as someone else transmitting at the same time.
Wireless is a technology of convenience, not a replacement for wired networks.
And yes, I am a Ham.
Copy and Paste would be useful.
Tethering would be cool too
I have found that having a solid understanding of C and C++ works really good for linux.
For fast development, I turn to Python (I also like doing my GUIs in python with my back ends in C)
Perl is good to know for general scripting, but pretty much anything you can do in Perl can be done in Python
Don't forget your Shell scripts like BASH. They aren't much good for programming, but are really good to know.
There is one key piece of valuable information missing from these stats: Attack type against OS/Web Server. So what if 300 some attacks were via cracked passwords. Were they all on Linux? where they all on Windows?
It's like saying that 99% of people are murderers, but failing to explain that you only included a 2 year old and everyone else was on death row in your statistic.
I kind of feel that it was irresponsible to publish these statistics without publishing more information.
(I'll gladly retract that comment if someone can produce the desired information of course)
"cutting into the reinforced walls with a power saw"
I would say that is an argument for underground data centers...
Took long enough. I always wondered why they chose POP over IMAP in the first place. But then again, I'm just a real big fan of IMAP.
THANK YOU GOOGLE!
...seems to provide better raw access...
I meant better than a certain Microsoft product, not other *nixes
I'm always very fond of Linux because it seems to provide better raw access to system devices (serial and usb ports etc)
However, the ultimate question comes down to this: does the gear you have to interface with already have some kind of driver developed for it, or do you have to write the interface to those as well?
If its all serial, I would go with Linux. If it requires a driver and a Linux driver is available, I would still go with Linux.
We don't have much to go on here. I've seen people turn Linux boxes into coffee machines on crack (I think there is a man page out there somewhere) and other home automation systems that basically just use relays and a few other custom made components. Give us more details on your specific equipment and maybe you'll get better answers.
Correct me if I'm wrong (and I probably am) but if the Vista client will only accept a broadcast response, doesn't that mean that a DHCP relay agent would break this ability? When a network is broken into smaller networks (like vlans) it is common to use one DHCP server and have the switches/routers forward the DHCP request as a unicast to the DHCP server. The DHCP server gives a unicast response back to the switch which then forwards it to the client (all unicast).
So, when people say that Microsoft broke the standard, they did and they didn't. The broadcast bit is in the RFC (Duh), but by using it, you can make your DHCP request incompatible with some networks. For the broadcast flag to work, not only would the DHCP server need to support it, but also the DHCP relay agent.
All those Cisco people that don't know what an RFC is will know this as "ip helper-address"