This reminds me a lot of hearing about the auto rental places using GPS information to charge fines on people they think are speeding. At the same time, GPS data was used by some police units to send automated tickets to people believed to be speeding...
If it's username and password restricted, it doesn't matter if it's guessable. You can still claim it was hacked, because they were not the authorized user of that account.
After all, most hacks are done to people who did not adequately secure themselves. There's a difference between open and vulnerable, and it is a legal distinction.
WCCP... I'm pretty sure Squid can handle it. If not, it's still viable to redirect without having the clients change their config.
I don't see why they can't run webservers if they want to... if the person is using a T1 (which is better for the number of users than DSL), their aren't ISP TOS considerations like with a residential service.
After all, if the onus is on them to protect their machines, they should be able to run whatever services they want. Just protect the interunit traffic and rate limit them. Let them use their bandwidth how they want.
And ratelimiting is a good idea, because if they DO get trojan'd/infected, they can't pull the bandwidth of the other units into the toilet. Which leaves you with less hassle on your end of actually running the place.
The time to upgrade Apache is minimal, once you have everything ready to roll. Config, compile, install... then it's just the time betwees apachectl stop and apachectl starl(ssl).
And if you have a box with multiple services, everything else keeps running. Unlike MS patches, where you really have to reboot. Add in SCSI cards, LUN probing, and reboots cause a lot more downtime than a service restart.
It's plain text and there's no way USENET will ever change to "pay-per-view" type of sharing information, which I think WWW is sliding towards to.
Considering all the really good news feeds require paying subscriptions or are via a web interface such as deja, I find this pretty amusing.
Usenet is dying, but the way it's dying, it's like a good retirement home. The older it gets, the better it gets... as all the people who still use it die off one by one.
No. The antispam crowd believes that it boils down to consent. It is fine for companies to send me newsletters... only if I have given them the permission to do so. If I have not given them permission, then it's UCE.
There is a difference between CE and UCE, and only the latter is bad.
Don't mix Stallman's ideas about commercial interests with the antispam crowd. None of us are as rabid as he is.
Yeah, taking a piss at MS in this manner just reduces slashdot's (already dubious) credibility. I've worked with both windows and linux machines in a production online environment and I can say that I've had to scramble to fix security holes for both of them in the last year. The apache chunk vulnerability and one of the recent ssh vulnerabilities really sucked, but that might be just because I've trusted apache+ssh more than I've trusted the windows machine.
Maybe because we can point finger directly at the OpenSSH crew and the Apache crew-- not the UNIX operating system. UNIX is more secure-- what runs on top of it is still open to debate.
I'm tired of sendmail's copious prblems... to the point I wouldn't be surprised if Exchange had less flaws. Most of the Apache prblems have been minor in comparison to IIS, however-- and you can't blame a Linux company for Apache vulnerabilities, since it isn't a Linux application. It's a multiplatform application that even runs under Windows and Macs.
I think you'd scream if we called Apache vulnerabilities Windows security flaws because it can run under Windows-- so apply the same mindset to Linux and other UNIX derivatives.
Also, it's very easy to change the security context of UNIX applications, and protect yourself from vulnerabilites. Such cannot be said for Windows. I also think the DLL model under Windows is less secure than under UNIX (easier to taint what would be considered "kernel space"), but it's been a while since I really worked with NT systems enough to argue the fine details of that discussion.
Simple. Don't bother wasting your time with the vendor-- hit the distributor.
Find the CDs, buy the CDs. When the first one doesn't work, return it for a new one. When the second one doesn't work, return it for a third. When the third doesn't work, return it for your money back.
Then shift to the next CD that doesn't work on your computer. When the store gets tired of dealing with returns for certain labels, they will put the pressure on the vendors-- they're the ones controlling the funds, an end user venting is just a drop in a bucket. A store owner venting about the extra 40-hours a week manpower increase is going to send ripples.
Try building Apache with DSO support, and building a DSO mod_perl, mod_php, mod_ssl, and a few other DSOs... It's not uncomment for the DSOs to not play nicely together.
I've never had these combinations cause problems when I compiled them all statically together, but add DSO into the mix, and you'll probably run across Apache barfing every now and then.
The concept of TR came from Dick, but Anthony converted the script into book form. ISTR that Dick never published it in book form-- maybe as a short story.
Dick's had several concepts turned into different movies-- Bladerunner (Do Androids Dream of Electric Sheep?), Total Recall, and Minority Report. Not a bad set of credits... all of them with very interesting plots and twists. All of them critically reviewed, two of them considered classics.
Personally, I think all 3 could have been done better, but oh well.
12 hours clearing yard trash? Either your guild is incompetently clearing through Vex Thal and missing the 4-6 boss mobs you should be getting during that time frame, or you're not raiding in the true high end game.
Most raid days are under 8 hours, and usually involve 2-4 boss mob kills during that time... and a good chunk of that time is spent moving from zone to zone and/or finding targets to kill.
Spawn time problems are also addressed inaccurately, since Verant added in random spawn timers. Important mobs now spawn 0-24 hours after patch/server reset/crash. Euro guilds are favored any time they forget to randomize these timers, but most of them have already been randomized. Granted, EQs RNG system needs a bit of work (it's very very very streaky, they really need more entropy sources), but it still leaves things out of the Euro time window often enough.
The main reasons people grow to hate the game are:
1.) Timesinks (Vex Thal key, Planes of Power zone flags) 2.) Yard trash mobs (Vex Thal being the worst zone for this-- but still has a lot of boss mobs to at least make it mostly worth it). 3.) Player disputes. 4.) Customer (dis)service. 5.) Developer (mis)communication. 6.) Game (bugs) fixes.
"This like rejecting email where someone has issued the HELO command when connecting to your SMTP server, or rejecting any email that arrives via TCP port 25, rather than rejecting email where you see something in the content you dislike."
So filtering for certain known spamware HELO reponses and rejecting them is breaking RFC compliance? Filtering sendmail with ipchains or libwrap and disallowing connections from certain hosts on port 25 breaks RFC compliance? I think not-- it's a matter of controlling what I want to allow to come into my system.
"So what? I want to send an email. Somebody refuses that mail although it is neither spam nor elsweher illegitimate.
Ths means he refuses perfectly valid mail. q.e.d."
All blacklists will reject some valid mail-- it's something you have to live with if you choose to use them. Or if someone you want to mail chooses to use them.
"I'm sorry if your experience is with admining a Windows-only network, but you're simply not correct with respect to the entire Internet."
Actually, I'm a former OSDN employee, who maintained these servers from the Andover office for several months last year. I've never had an administrative account on an NT/2K/XP box in production use, and I'm happy to keep it that way.
"The RFCs define what is a valid email, so yes it does. No one can make you accept it, but if you do not do so you aren't denying an invalid piece of mail -- you're violating standards on your own."
The RFCs define what is a standard means of communication and how formatting of messages should be done, and how messages should be rejected. The RFCs do not touch on what criterion a mail server administrator should or should not choose to reject on. I refuse direct-to-MX mail from those listed on DUL-like lists. That's my perrogative, because I see a lot of spam coming into my server that way. In doing so, I am violating no standards... unless you'd like to quote me an RFC which says I cannot or should not do so.
Just because the RFCs allow it, doesn't mean that it has to be considered "valid". Emails with virii may (though often don't) conform correctly to RFCs, but I'll reject them if I can detect them.
There's two solutions-- get a static IP from your ISP which they have not listed on the DUL-- case solved. Or relay through a static IP which is not listed on the DUL-- case solved. Otherwise, I and many many many other people will reject it, because while it conforms to the RFC, we do not consider it valid.
And apparently, neither does your ISP-- DUL submissions are usually checked vs. the ISP for confirmation.
Should have set your sendmail server to send through their servers... so your server would accept it and try to push it through the @home server until it finally got out.
Just tweak the values so it tries for long enough to be able to get the messages out, heh.
When DAoC came out, EQ had 300k+ subscribers. Now that DAoC's been out a while and people have played it, and EQ's released Shadows of Luclin, EQ is not at 420k+ subscribers.
EQ is still growing, and has actually made many changes to appease lower level characters. It's not the same game as it was two years ago.
It's still not perfect, but it's still head and foam above any other MMORPG out there, with no sign of any coming rival.
DAoC was the one people looked to to rattle Verant, and it seemed to be doing so... but then after a few months, a LOT of people left Camelot and came back to Norrath. DAoC did not hold people like EQ does, and for a MRC-based company... that's not good.
In the meantime, everything on the horizon is still horribly vapourware.
Well...
Outside of the next EQ expansion, Planes of Power.
[54 Cavalier] Jasmeralia Sorrowmist <The Companions> -- Tribunal Server
Slashdot Mirror
This reminds me a lot of hearing about the auto rental places using GPS information to charge fines on people they think are speeding. At the same time, GPS data was used by some police units to send automated tickets to people believed to be speeding...
--etrnl--
It's kind of hard to say they don't need to audit the code when they are distributing it...
--etrnl--
FORD:
...Driver Returns On Foot.
;)
Found On Road Dead...
That should give you an idea of the public opinion of them around here
--etrnl--
If it's username and password restricted, it doesn't matter if it's guessable. You can still claim it was hacked, because they were not the authorized user of that account.
After all, most hacks are done to people who did not adequately secure themselves. There's a difference between open and vulnerable, and it is a legal distinction.
--etrnl--
And APNIC is where most of my spam comes from... so it's easiest to toss it all in the bit bucket.
--etrnl--
Doom 3 is stellar enough that basic deathmatch will be very interesting. Especially with the maps people will be able to design...
And frankly, the MP in RTCW is cool and all, but I really wish they had a basic deathmatch as well. Sometimes stmplest is best.
If I wanted to play a sports game, I'd get Madden 2003 for the PS2 or something, know what I mean?
--etrnl--
WCCP... I'm pretty sure Squid can handle it. If not, it's still viable to redirect without having the clients change their config.
I don't see why they can't run webservers if they want to... if the person is using a T1 (which is better for the number of users than DSL), their aren't ISP TOS considerations like with a residential service.
After all, if the onus is on them to protect their machines, they should be able to run whatever services they want. Just protect the interunit traffic and rate limit them. Let them use their bandwidth how they want.
And ratelimiting is a good idea, because if they DO get trojan'd/infected, they can't pull the bandwidth of the other units into the toilet. Which leaves you with less hassle on your end of actually running the place.
--etrnl--
The time to upgrade Apache is minimal, once you have everything ready to roll. Config, compile, install... then it's just the time betwees apachectl stop and apachectl starl(ssl).
And if you have a box with multiple services, everything else keeps running. Unlike MS patches, where you really have to reboot. Add in SCSI cards, LUN probing, and reboots cause a lot more downtime than a service restart.
--etrnl--
the whole technology's accuracy is comparable to that of a lie detector test
Which means its horribly inaccurate. Lie detector tests are inadmissable in most cases now because they can be manipulated relatively easy.
--etrnl--
OpenBSD has been nice, but I can do without the version churn. I am switching to debian.
:)
I feel your pain. While debian has its flaws, the one thing they really do right... is REALLY done right.
Package/software maintainance is a pain in every other distro (including gentoo; not every unix box needs a compiler...). Debian does it right.
I heard about Debian being ported to the NetBSD kernel. I'd be very interested in seeing a Debian port of Solaris
--etrnl--
It's plain text and there's no way USENET will ever change to "pay-per-view" type of sharing information, which I think WWW is sliding towards to.
Considering all the really good news feeds require paying subscriptions or are via a web interface such as deja, I find this pretty amusing.
Usenet is dying, but the way it's dying, it's like a good retirement home. The older it gets, the better it gets... as all the people who still use it die off one by one.
--etrnl--
No. The antispam crowd believes that it boils down to consent. It is fine for companies to send me newsletters... only if I have given them the permission to do so. If I have not given them permission, then it's UCE.
There is a difference between CE and UCE, and only the latter is bad.
Don't mix Stallman's ideas about commercial interests with the antispam crowd. None of us are as rabid as he is.
--etrnl
Yeah, taking a piss at MS in this manner just reduces slashdot's (already dubious) credibility. I've worked with both windows and linux machines in a production online environment and I can say that I've had to scramble to fix security holes for both of them in the last year. The apache chunk vulnerability and one of the recent ssh vulnerabilities really sucked, but that might be just because I've trusted apache+ssh more than I've trusted the windows machine.
Maybe because we can point finger directly at the OpenSSH crew and the Apache crew-- not the UNIX operating system. UNIX is more secure-- what runs on top of it is still open to debate.
I'm tired of sendmail's copious prblems... to the point I wouldn't be surprised if Exchange had less flaws. Most of the Apache prblems have been minor in comparison to IIS, however-- and you can't blame a Linux company for Apache vulnerabilities, since it isn't a Linux application. It's a multiplatform application that even runs under Windows and Macs.
I think you'd scream if we called Apache vulnerabilities Windows security flaws because it can run under Windows-- so apply the same mindset to Linux and other UNIX derivatives.
Also, it's very easy to change the security context of UNIX applications, and protect yourself from vulnerabilites. Such cannot be said for Windows. I also think the DLL model under Windows is less secure than under UNIX (easier to taint what would be considered "kernel space"), but it's been a while since I really worked with NT systems enough to argue the fine details of that discussion.
--etrnl--
Yeah-- while CD sales are going UP because of the promotion, rather than DOWN.
Idiot.
--etrnl
Simple. Don't bother wasting your time with the vendor-- hit the distributor.
Find the CDs, buy the CDs. When the first one doesn't work, return it for a new one. When the second one doesn't work, return it for a third. When the third doesn't work, return it for your money back.
Then shift to the next CD that doesn't work on your computer. When the store gets tired of dealing with returns for certain labels, they will put the pressure on the vendors-- they're the ones controlling the funds, an end user venting is just a drop in a bucket. A store owner venting about the extra 40-hours a week manpower increase is going to send ripples.
--etrnl--
Try building Apache with DSO support, and building a DSO mod_perl, mod_php, mod_ssl, and a few other DSOs... It's not uncomment for the DSOs to not play nicely together.
I've never had these combinations cause problems when I compiled them all statically together, but add DSO into the mix, and you'll probably run across Apache barfing every now and then.
--etrnl
The concept of TR came from Dick, but Anthony converted the script into book form. ISTR that Dick never published it in book form-- maybe as a short story.
Dick's had several concepts turned into different movies-- Bladerunner (Do Androids Dream of Electric Sheep?), Total Recall, and Minority Report. Not a bad set of credits... all of them with very interesting plots and twists. All of them critically reviewed, two of them considered classics.
Personally, I think all 3 could have been done better, but oh well.
--etrnl
Is that when I went to view this article, a Microsoft ad was right underneath it...
--etrnl
12 hours clearing yard trash? Either your guild is incompetently clearing through Vex Thal and missing the 4-6 boss mobs you should be getting during that time frame, or you're not raiding in the true high end game.
Most raid days are under 8 hours, and usually involve 2-4 boss mob kills during that time... and a good chunk of that time is spent moving from zone to zone and/or finding targets to kill.
Spawn time problems are also addressed inaccurately, since Verant added in random spawn timers. Important mobs now spawn 0-24 hours after patch/server reset/crash. Euro guilds are favored any time they forget to randomize these timers, but most of them have already been randomized. Granted, EQs RNG system needs a bit of work (it's very very very streaky, they really need more entropy sources), but it still leaves things out of the Euro time window often enough.
The main reasons people grow to hate the game are:
1.) Timesinks (Vex Thal key, Planes of Power zone flags)
2.) Yard trash mobs (Vex Thal being the worst zone for this-- but still has a lot of boss mobs to at least make it mostly worth it).
3.) Player disputes.
4.) Customer (dis)service.
5.) Developer (mis)communication.
6.) Game (bugs) fixes.
Jasmeralia Sorrowmist
62 Paladin
The Companions Guild (Webmaster)
The Tribunal Server (Webmaster)
So filtering for certain known spamware HELO reponses and rejecting them is breaking RFC compliance? Filtering sendmail with ipchains or libwrap and disallowing connections from certain hosts on port 25 breaks RFC compliance? I think not-- it's a matter of controlling what I want to allow to come into my system.
All blacklists will reject some valid mail-- it's something you have to live with if you choose to use them. Or if someone you want to mail chooses to use them.
Actually, I'm a former OSDN employee, who maintained these servers from the Andover office for several months last year. I've never had an administrative account on an NT/2K/XP box in production use, and I'm happy to keep it that way.
The RFCs define what is a standard means of communication and how formatting of messages should be done, and how messages should be rejected. The RFCs do not touch on what criterion a mail server administrator should or should not choose to reject on. I refuse direct-to-MX mail from those listed on DUL-like lists. That's my perrogative, because I see a lot of spam coming into my server that way. In doing so, I am violating no standards... unless you'd like to quote me an RFC which says I cannot or should not do so.
Just because the RFCs allow it, doesn't mean that it has to be considered "valid". Emails with virii may (though often don't) conform correctly to RFCs, but I'll reject them if I can detect them.
There's two solutions-- get a static IP from your ISP which they have not listed on the DUL-- case solved. Or relay through a static IP which is not listed on the DUL-- case solved. Otherwise, I and many many many other people will reject it, because while it conforms to the RFC, we do not consider it valid.
And apparently, neither does your ISP-- DUL submissions are usually checked vs. the ISP for confirmation.
Should have set your sendmail server to send through their servers... so your server would accept it and try to push it through the @home server until it finally got out.
Just tweak the values so it tries for long enough to be able to get the messages out, heh.
--etrnl
MAPS is a Limited Liability Corp -- NOT a not-for-profit company. You can't be not-for-profit (legally speaking) and an LLC as well.
They like to claim they're not-for-profit, but are not legally based as such.
--etrnl
Do you even have a clue?
When DAoC came out, EQ had 300k+ subscribers. Now that DAoC's been out a while and people have played it, and EQ's released Shadows of Luclin, EQ is not at 420k+ subscribers.
EQ is still growing, and has actually made many changes to appease lower level characters. It's not the same game as it was two years ago.
It's still not perfect, but it's still head and foam above any other MMORPG out there, with no sign of any coming rival.
DAoC was the one people looked to to rattle Verant, and it seemed to be doing so... but then after a few months, a LOT of people left Camelot and came back to Norrath. DAoC did not hold people like EQ does, and for a MRC-based company... that's not good.
In the meantime, everything on the horizon is still horribly vapourware.
Well...
Outside of the next EQ expansion, Planes of Power.
[54 Cavalier] Jasmeralia Sorrowmist <The Companions> -- Tribunal Server
Hardly. When you have a router/switch (6509), one failure wipes out the entire network.
Enough with the conspiracy theories.
--etrnl--