NetBSD is one of the continuing BSD development efforts, with a goal of porting to multiple platforms. NetBSD is our upstream source for a large portion of the user-space commands and tools.
FreeBSD is one of the ongoing BSD development efforts and is our primary reference platform for current BSD kernel development.
What model of shelves?
I am looking for good alternatives.
ZOMG,/. now has captchas:
To confirm you're not a script, please type the text shown in this image: random letters - if you are visually impaired, please email us at pater@slashdot.org
Last time I checked no one had egress for port 25 open on their nodes and the TOR docs mentioned that IIRC. Personally, I'd like to be able to send non-spam via TOR for testing and low volume uses, but I'd have to run a port 25 enabled exit node myself.
I would agree with abuse, I just think that the term ddos is used more for the cases of overwhelming traffic from thousands or tens of thousands or more different hosts. Since TOR has at most several hundred egress points, it seems that if the attacks are coming from thousands of IP addresses that there must be some non-tor attacks going on - or are they using their own separate TOR network?
BTW, not sure if the firewall you are using can do this, but pf for OpenBSD can do SYN proxying and has per IP TCP connection and connection rate limits - so you can limit the total number of simultaneous TCP connections from one IP and auto-blacklist an IP for exceeding X number of connection attempt per Y timeframe.
Cool netstat graphs, what are you using to create those?
I count only 225 TOR egress points right now, maybe you could compare these to your list of attackers (I spot checked some from your example and I don't see them on the list):
* Red Hat Enterprise Linux 3 (Intel) * SuSE Linux 9.1 (Intel) * SuSE Linux Enterprise Server 9 (Intel) * SuSE Linux Enterprise Server 9 (POWER) * SuSE Linux Enterprise Server 9 (S/390)
I can tell you what I think it is - M33653413
and if it is I'm gonna be kicking some ass over there because I've been nursing that thing along for a year or more and I've always had a feeling about it, it is now 82.58% through the final checks and is supposed to finish in less than a month. I wonder if they have a way to cherry pick and find ones that look promising and snipe them...
A couple of other posts refer to this indirectly.
Bootchart is actually some of the coolest use of graphical display of data I have seen in a while: bootchart
Some of the Solaris 10 guys even used it to improve the boot process on new releases of Solaris 10.
The latest updates (as of a few days ago) continued to streamline the system.
I have two theories, both probably wrong but I want to put them out there just in case.
First are the three compass needles pointing to something - the compass there and two of his other works. Also do all the compasses' North (0 degrees ) point to true North, if not is that a clue also?
Second, what if the question "Can your see anything" is related to the morse code - Could he literally mean "Can you see anything between X and Q". Maybe that alludes the morse code and there is a clue between the morse code letters X and Q?
Re:3 compasses, 3 sculptures do they point somewhe
on
Decrypting Kryptos
·
· Score: 1
Damn, I meant to submit that logged in to see any responses...
Actor Christopher Reeve was found dead in the hopsital suddenly not long ago, after falling into a coma. There weren't any more details. I'm sure everyone on slashdot will miss him - even if you didn't enjoy his work, there's no denying his contributions to popular culture. Truly an American icon.
Because it allows false positives, it is pretty lossy and loses a lot of info upon encoding.
An (bad) example would be that the "encoding" function is the ascii values for the first and third character before the @ and the first character after the @ - those bits of a 128 bit Bloom filter are "lit up" for your address, so that means:
all map to the same bits being lit up in the bloom filter, there is no real way to "reverse engineer" it and since it does not assume no collisions (unlike MD5 and SHA*) it is not expected to have unique mappings - that's a feature, as they say.
Summary: options to do things that won't work for a large percentage of users.
This is the fuck you attitude of "network and systems administration" it doesn't work for many situations. But it works great for smug SPF and SPEWS supporters to solve every legit objection to these systems.
The truth is, they just don't work well for the poor shmose at the end of a WiFi or unusual ISP situation but they will be crammed down everyone's throat because it makes life easier for some self important email admins.
How many times have you had old scripts stop working because they 'improved' Perl and a particular feature isn't there anymore?
I am not at the level of you or Randy or Larry, but I would guess for most people that it has been basically once perl 4 -> perl 5.
And it will be twice when perl 6 comes out.
Even if it has been more, it seems like alot less deprecated crap than many other languages...
Please explain how you managed to fingerprint DNS servers. The same way you fingerprint OS's via there ip stack. Unusual queries and how the server reacts to them.
http://cr.yp.to/surveys/dns1.html is one among several fingerprinting methodologies.
The accuracy of the sample set is extremely questionable. If you RTFS, he didn't take a sample, he used all the name servers. There aren't that many (which in itself is a interesting commentary on the true size of the internet) - for the.com,.net,.org,.info, and.biz TLDs 37 million domains -> 1 million name server names -> 646,524 unique name server IPs.
The interesting part is is the 27 percent that can't be fingerprinted. My guess is that they would follow a similar pattern to the fingerprintable ones but their firewalls block some of the unusual queries.
why the "logo" for this article on Slashdot is "fork, knife and spoon"
Because they are well known, common items and they have the word patented stamped on them - trying to point out the problem with patents for things that are "obvious to those versed in the art".
Slashdot Mirror
For some reason this has become a common meme, and it is not true according to Apple's page on the subject: From http://developer.apple.com/darwin/projects/darwin
What is GAMMA? I found some projects related to gamma radiation, but not load balancing.
I am looking for good alternatives.
ZOMG,
Last time I checked no one had egress for port 25 open on their nodes and the TOR docs mentioned that IIRC. Personally, I'd like to be able to send non-spam via TOR for testing and low volume uses, but I'd have to run a port 25 enabled exit node myself.
BTW, not sure if the firewall you are using can do this, but pf for OpenBSD can do SYN proxying and has per IP TCP connection and connection rate limits - so you can limit the total number of simultaneous TCP connections from one IP and auto-blacklist an IP for exceeding X number of connection attempt per Y timeframe.
Cool netstat graphs, what are you using to create those?
I count only 225 TOR egress points right now, maybe you could compare these to your list of attackers (I spot checked some from your example and I don't see them on the list):
bind 8,9 and djbdns
original
update
You might want to check out some of his other stuff, too - http://lcamtuf.coredump.cx/
FYI - The header on your page http://www.blastwave.org/articles/BLS-0026/index.h tml links to opensolaris.com (looks like a domain squatter owns that) and not .org like your other pages.
In not "On"
too tired...
On pdf form for a limited time...
pdf of the above doc
I dunno what you been smokin, but Novell gives away SuSE Enterprise Ed now...
Where? Do you mean the eval, is it legal to run without paying a lic fee?
Thanks
I can tell you what I think it is - M33653413
and if it is I'm gonna be kicking some ass over there because I've been nursing that thing along for a year or more and I've always had a feeling about it, it is now 82.58% through the final checks and is supposed to finish in less than a month. I wonder if they have a way to cherry pick and find ones that look promising and snipe them...
A couple of other posts refer to this indirectly.
Bootchart is actually some of the coolest use of graphical display of data I have seen in a while:
bootchart
Some of the Solaris 10 guys even used it to improve the boot process on new releases of Solaris 10.
The latest updates (as of a few days ago) continued to streamline the system.
Elonka, thanks for all your hard work on this
I have two theories, both probably wrong but I want to put them out there just in case.
First are the three compass needles pointing to something - the compass there and two of his other works. Also do all the compasses' North (0 degrees ) point to true North, if not is that a clue also?
Second, what if the question "Can your see anything" is related to the morse code - Could he literally mean "Can you see anything between X and Q". Maybe that alludes the morse code and there is a clue between the morse code letters X and Q?
Damn, I meant to submit that logged in to see any responses...
Actor Christopher Reeve was found dead in the hopsital suddenly not long ago, after falling into a coma. There weren't any more details. I'm sure everyone on slashdot will miss him - even if you didn't enjoy his work, there's no denying his contributions to popular culture. Truly an American icon.
They seem to have focused specifically on the mass distribution issues (some analysis here)and attempted to address those.
Looks like he might like Pastiche.
Is there any source released for that yet?
I didn't see any... TIA
An (bad) example would be that the "encoding" function is the ascii values for the first and third character before the @ and the first character after the @ - those bits of a 128 bit Bloom filter are "lit up" for your address, so that means:
all map to the same bits being lit up in the bloom filter, there is no real way to "reverse engineer" it and since it does not assume no collisions (unlike MD5 and SHA*) it is not expected to have unique mappings - that's a feature, as they say.
Summary: options to do things that won't work for a large percentage of users.
This is the fuck you attitude of "network and systems administration" it doesn't work for many situations. But it works great for smug SPF and SPEWS supporters to solve every legit objection to these systems.
The truth is, they just don't work well for the poor shmose at the end of a WiFi or unusual ISP situation but they will be crammed down everyone's throat because it makes life easier for some self important email admins.
How many times have you had old scripts stop working because they 'improved' Perl and a particular feature isn't there anymore?
I am not at the level of you or Randy or Larry, but I would guess for most people that it has been basically once perl 4 -> perl 5.
And it will be twice when perl 6 comes out.
Even if it has been more, it seems like alot less deprecated crap than many other languages...
Please explain how you managed to fingerprint DNS servers.
.com, .net, .org, .info, and .biz TLDs 37 million domains -> 1 million name server names -> 646,524 unique name server IPs.
The same way you fingerprint OS's via there ip stack. Unusual queries and how the server reacts to them.
http://cr.yp.to/surveys/dns1.html is one among several fingerprinting methodologies.
The accuracy of the sample set is extremely questionable.
If you RTFS, he didn't take a sample, he used all the name servers. There aren't that many (which in itself is a interesting commentary on the true size of the internet) - for the
The interesting part is is the 27 percent that can't be fingerprinted. My guess is that they would follow a similar pattern to the fingerprintable ones but their firewalls block some of the unusual queries.
why the "logo" for this article on Slashdot is "fork, knife and spoon"
Because they are well known, common items and they have the word patented stamped on them - trying to point out the problem with patents for things that are "obvious to those versed in the art".
Seems like Stanford has those things just lying around eh?
SLAC - At night the ice weasels come... (And some guys are hang around outside checkin' out their BMW motorcycle.)
Peter has lots of ghostly photos from outside and inside SLAC
I thought there was something in the Constitution or the Bill of Rights about not inhibiting interstate travel...