I cant speak for Firefox in particular, but Mozilla did have a configure option for compiling in the Boehm's garbage collector. Supposedly it was mostly used for leak testing though.
I've noticed these scripts on my logs before attempting to access my machine (its a moot point now given my network setup, but...), how would you limit from occurring?
I'd like to do the following: If two failed connections with nonexistant usernames are used or three with a known user name, block the connectors IP subnet for a certain time (with the exception of a couple known good subnets).
The blocking would be the easy part, since some script could control iptables (or pf on a bsd machine). But outside of doing creative monitoring with with auth.log, is there another way to detect failed logins?
Try a nonsense phrase, such as:
King Andy Gumps reign below all evil caviar for last 5 weeks special.
Its not likely to be vulnerable to a dictionary attack and since its a nonsense phrase, most of the word pairs arent likely to be used together -- as opposed to "Happy Birthday" (ok, Andy Gump is a pair)
The new Debian installer does Debian testing. The article mentions one for woody.
That said, I do agree that the new installer is quite straightforward and did detect all my hardware, and I agree that this new installer isn't going to be a longterm solution as the new Debian installer will be the default when sarge becomes the next stable.
Re:Who cares what most Americans think?
on
Evoting in the News
·
· Score: 2, Interesting
I think people not in IT have a perception that large quality software projects are easy to do. Plus, the general public probably has not followed this particular story (or probably at least outside of California).
Yeah, maybe a Windows app might crash every now and then, but it doesn't entirely alter that non-technical person's perception of industry.
On the other hand, we know that flaws exist all the time. Many of us here feel that at least of any software, that the software used in voting machines outght to be available. We know that software needs plenty of testing before its put into production.
I like to use assertions to debug code. Why? Under Unix, you get a nice core dump to feed back into your debugger, that shows the state of your program when it died. If you use MSVC++'s ide to run your program in debug mode, it will also stop at the assertion.
Of course, some creative tinkering with a debugger might lead to the same result too, but I find assert() more convenient. Also, common sense tells us that a multifaceted approach to debugging code is best anyway (reading it, creating test scaffolds, asserts and/or exceptions, running it through a debugger, etc.)
When KDE went to 3.0 and GNOME to 2.0, there seemed to be a bit of role reversal. The 1.x GNOME control center (along with Sawfish) had about the the same number of choice as what KDE has now. I suspect the GNOME developers decided that people weren't too apt to mess with some of those, so they were simply dropped. KDE has all those choices (well, similar ones), but they were better organized than GNOME 1.x.
One of the traits of KDE is that it trys in many ways to emulate many of the other types of desktop environments; there are a lot of configuration options to make it look and feel like MS Windows, OS 9, OS X, CDE, etc. GNOME, on the other hand, pretty much just implements a MS Windows style UI.
I don't have a strong preference as to which D.E. I use. I end up using GNOME more, just because thats just what startx points to on my system. However, I'd be just as happy using KDE.
through businesses like Red Hat trying to make a profit
Ah, but making a profit isn't necessarily a bad thing, its just how you go about it. Afterall, Red Hat does employ people that develop OSS software, like Gnome, the kernel, XFree86, gcc, cygwin, as well as a few other popular applications. I don't think anyone of us has a problem if the profit goes back into development.
What is the excuse for vendors of email software (filtering or end-user) perpetrating unawareness of this basic property of email?
I have a hunch that the average Joe or Jane probably doesn't care about or what to do with tags such as: MessageID: H0007c9c151181e2.mail.provider@MHS Content-Transfer-Encoding: quoted-principle MIME-Version: 1.0
Personally, I couldn't care less what version of MIME someones email client uses. I care primarily about sender, subject, and time.
I went to a community college for four years.
Why? I wasn't sure what I wanted to major in. Its a lot cheaper and easier to modify a career path at a community college than at a university. I spent two years as a Business major before switching to Computer Science.
I was pretty satisfied with the education I had a two year college, although moreso now at the four year university I ultimately transferred into.
I wouldn't think they are reliable at all. Mandrake linux had a noticable link to li.org on their forum page, whereas Slackware doesn't link to them. If I hadn't been a user of Mandrake, I probably never would have visited the site and never have registered.
Aside from a national poll conducted with randomly selected people, browser information collected at a site like google.com or yahoo.com is probably the most accurate way of determining Desktop linux use.
Slashdot Mirror
IIRC, they reviewed Lindows or Linspire once; however, they didn't seem to like it much.
I cant speak for Firefox in particular, but Mozilla did have a configure option for compiling in the Boehm's garbage collector. Supposedly it was mostly used for leak testing though.
-- Newbie sysadmin question --
I've noticed these scripts on my logs before attempting to access my machine (its a moot point now given my network setup, but...), how would you limit from occurring?
I'd like to do the following: If two failed connections with nonexistant usernames are used or three with a known user name, block the connectors IP subnet for a certain time (with the exception of a couple known good subnets).
The blocking would be the easy part, since some script could control iptables (or pf on a bsd machine). But outside of doing creative monitoring with with auth.log, is there another way to detect failed logins?
I believe it falls under the category of "If you don't recognize this program, it is spyware".
It is useful, but it could absolutely cause problems if installed maliciously.
Try a nonsense phrase, such as:
King Andy Gumps reign below all evil caviar for last 5 weeks special.
Its not likely to be vulnerable to a dictionary attack and since its a nonsense phrase, most of the word pairs arent likely to be used together -- as opposed to "Happy Birthday" (ok, Andy Gump is a pair)
Its more than simply getting the packages onto the system, a good package management system keeps you informed when relevant updates are available.
I personally find that more convenient than browsing freshmeat or subscribing to lots of different mailing lists.
The new Debian installer does Debian testing. The article mentions one for woody.
That said, I do agree that the new installer is quite straightforward and did detect all my hardware, and I agree that this new installer isn't going to be a longterm solution as the new Debian installer will be the default when sarge becomes the next stable.
I think people not in IT have a perception that large quality software projects are easy to do. Plus, the general public probably has not followed this particular story (or probably at least outside of California).
Yeah, maybe a Windows app might crash every now and then, but it doesn't entirely alter that non-technical person's perception of industry.
On the other hand, we know that flaws exist all the time. Many of us here feel that at least of any software, that the software used in voting machines outght to be available. We know that software needs plenty of testing before its put into production.
I like to use assertions to debug code. Why? Under Unix, you get a nice core dump to feed back into your debugger, that shows the state of your program when it died. If you use MSVC++'s ide to run your program in debug mode, it will also stop at the assertion.
Of course, some creative tinkering with a debugger might lead to the same result too, but I find assert() more convenient. Also, common sense tells us that a multifaceted approach to debugging code is best anyway (reading it, creating test scaffolds, asserts and/or exceptions, running it through a debugger, etc.)
Obviously its an April Fools joke, but it sounds a lot like what Sen Hatch proposed last year.
When KDE went to 3.0 and GNOME to 2.0, there seemed to be a bit of role reversal. The 1.x GNOME control center (along with Sawfish) had about the the same number of choice as what KDE has now. I suspect the GNOME developers decided that people weren't too apt to mess with some of those, so they were simply dropped. KDE has all those choices (well, similar ones), but they were better organized than GNOME 1.x.
One of the traits of KDE is that it trys in many ways to emulate many of the other types of desktop environments; there are a lot of configuration options to make it look and feel like MS Windows, OS 9, OS X, CDE, etc. GNOME, on the other hand, pretty much just implements a MS Windows style UI.
I don't have a strong preference as to which D.E. I use. I end up using GNOME more, just because thats just what startx points to on my system. However, I'd be just as happy using KDE.
Actually its great timing. All those dateless gamers have something to will be too busy fragging to think about Valentines day weekend.
here
Ah, but making a profit isn't necessarily a bad thing, its just how you go about it. Afterall, Red Hat does employ people that develop OSS software, like Gnome, the kernel, XFree86, gcc, cygwin, as well as a few other popular applications. I don't think anyone of us has a problem if the profit goes back into development.
http://www.cs.unm.edu/~dlchao/flake/doom/ I haven't gotten it to compile on my system though, YMMV.
I have a hunch that the average Joe or Jane probably doesn't care about or what to do with tags such as:
MessageID: H0007c9c151181e2.mail.provider@MHS
Content-Transfer-Encoding: quoted-principle
MIME-Version: 1.0
Personally, I couldn't care less what version of MIME someones email client uses. I care primarily about sender, subject, and time.
I went to a community college for four years. Why? I wasn't sure what I wanted to major in. Its a lot cheaper and easier to modify a career path at a community college than at a university. I spent two years as a Business major before switching to Computer Science. I was pretty satisfied with the education I had a two year college, although moreso now at the four year university I ultimately transferred into.
Back in February, a very similar case occured with the BSA mistaking an RPM distribution of OpenOffice with MS Office.
If Microsoft and the RIAA could ever be pitted against each other, I believe would we have to call it the "Ultimate Lawyer Deathmatch Smackdown"
I wouldn't think they are reliable at all. Mandrake linux had a noticable link to li.org on their forum page, whereas Slackware doesn't link to them. If I hadn't been a user of Mandrake, I probably never would have visited the site and never have registered. Aside from a national poll conducted with randomly selected people, browser information collected at a site like google.com or yahoo.com is probably the most accurate way of determining Desktop linux use.