Is your network by anychance connected to the internet ?
Unless you have some absolute need for NetBIOS ( like automatic WINS/DNS updating ) you should disable NetBIOS.
It's not useless at all,it provides a host of useful things for your network, but it is also a huge security risk on internet connected systems.
NetBIOS can degrade a large network tho, if you have a few thousand NT boxes all talking to each other the NetBIOS traffic can get rough.Escpecially when they're all turned on at 8 am and announce themselve sto the network.
Having worked on some big LAN/WAN implementations in the past I can say I'd have liked to have this device. The features allow you to emulate "what'd happen if..." - always nice when you're setting up a few hundred workstations on a WAN and some Induhvidual says that a 1Mb dedicated line is sufficient : )
The article explains that he did take three images in rapid succession.
Re:This would only benefit spammers
on
Norway Bans Spam
·
· Score: 1
Who cares about morals?
A spammer located in norway faces six months _jail_ and / or heavy fines for breaking the law.
While it's true spammers are usually stupid and certainly immoral one would think jail might make them think twice.
The law as it stands from march 1st. is that it's illegal to send spam to anyone who hasn't agreed explicitly to recieve spam from that perticular vendor. In addition the sender of spam will have to wash his "opt in" list against the "I don't want spam" list. So it's a two tiered system.
Also the opt out list, which isn't really an opt out as much as a "it's illegal to spam these folks and we'll throw you in jail if you do" list is only used for washing databses - the government won't be selling or giving away the list to anyone who asks!
All in all we here in Norway will be spared spam form norwegian businesses and persons, the law also governs those forign businesses that do business in norway, so for example Microsoft in the US can't send spam to Norwegian customers about say a product that's spesifically for norway without risking sanctions against Microsoft Norway.( disclaimer : I used MS as an example, I've never received spam from MS )
An interesting question - I think contracters and consultants ( like myself ) prefer hourly billing, as I work 3 hours on salary for every 1 hour I bill. I worked for a major IT company, salaried, with overtime compensation, but quit due to a high amount of nitpicking on the hours reported.
Also there were timesheets and all that crap - get's kinda boring to fill out a timesheet for an hour and 15 mins work that the company bills $150 for and then get hassled about those 15 mins.
My rule of thumb when doing salaried work is that an hour of overtime I work for a client I write down and want compensation for, an hour of overtime looking into an interesting question, installing some fun software on my ws etc. I don't ask compensation for.
Another good rule is - make the workplace a fun place to be, get rid of timesheets unless you need them.
Helllooo - please read the story prior to making comments - The problem revolves around a piece of software that's installed on the users computers which sends information about the users computer, music tastes etc. to the Real Player people. Sufficive to say I'll be setting the internet settings in my real player waaaay wron
I might've been a bit unclear here - the way hostnames are resolved today is that a query for www.foobar.com would go to the root server for.com wich in turn would send you to the nameserver for.foobar.com which would in turn see if there is a host in that domain named www and then return the ip adress to the original requester.
If you had a million tld's you'd need a million root servers, and your request for www.foobar.perty would have to be sent to all of them ( instead of a few requests today you send out a million requests )cause you wouldn't have any hiearchy ( tree structure ). right now the domain name structure is like a tree with a few root servers (.com.org etc ) on top delegating requests to the appropriate domain name servers ( foobar.com, microsoft.com etc ) which keep records of hosts ( www.foobar.com ftp.foobar.com mail.microsoft.com etc )
mainly because tld's don't work like that. when you want to access www.something.com, your computer has to translate that into the host machine's ip adress, so your tci/ip stack asks the.com resolver which machine is in charge of the.something subdomain of.com - goes to the machine in charge of.something.com and asks for the ip of host www in the something domain. id you could have any tld.inc.hippo.conartisist etc you'd need a main dns server for every tld and the net would slow to a halt with all the traffick going on trying to resolve hostnames to ip adresses.
setting the system to crash on full logs means that noone except admin can work on the machine until it's reset, which means noone can do stuff without being logged. So a user couldn't fill up the logs, then do/try anything he/she pleases without getting caught.
Like fill the logs and then d/l sensitive info, insert trojans, change settings etc.
Slashdot Mirror
Is your network by anychance connected to the internet ?
Unless you have some absolute need for NetBIOS ( like automatic WINS/DNS updating ) you should disable NetBIOS.
It's not useless at all,it provides a host of useful things for your network, but it is also a huge security risk on internet connected systems.
NetBIOS can degrade a large network tho, if you have a few thousand NT boxes all talking to each other the NetBIOS traffic can get rough.Escpecially when they're all turned on at 8 am and announce themselve sto the network.
Having worked on some big LAN/WAN implementations in the past I can say I'd have liked to have this device. The features allow you to emulate "what'd happen if..." - always nice when you're setting up a few hundred workstations on a WAN and some Induhvidual says that a 1Mb dedicated line is sufficient : )
The article explains that he did take three images in rapid succession.
Who cares about morals? A spammer located in norway faces six months _jail_ and / or heavy fines for breaking the law. While it's true spammers are usually stupid and certainly immoral one would think jail might make them think twice. The law as it stands from march 1st. is that it's illegal to send spam to anyone who hasn't agreed explicitly to recieve spam from that perticular vendor. In addition the sender of spam will have to wash his "opt in" list against the "I don't want spam" list. So it's a two tiered system. Also the opt out list, which isn't really an opt out as much as a "it's illegal to spam these folks and we'll throw you in jail if you do" list is only used for washing databses - the government won't be selling or giving away the list to anyone who asks! All in all we here in Norway will be spared spam form norwegian businesses and persons, the law also governs those forign businesses that do business in norway, so for example Microsoft in the US can't send spam to Norwegian customers about say a product that's spesifically for norway without risking sanctions against Microsoft Norway.( disclaimer : I used MS as an example, I've never received spam from MS )
As do I - sergente.slashdot@survivalnet.org.
I almost always know where the spammer got my email adress - of course sometimes they get my email from whois db's around.
Actually you're paraphrasing Jim Toomey - author of Sherman's Lagoon - which released the book: Poodles - The other White Meat
- other than that - agree 100% - never seen a forst release without bugs yet - who out there's using 1.* kernels?
actually it's a link with spaces - the url doesn't have spaces - you could write an url with spaces, but it wouldn't work very well ; )
An interesting question - I think contracters and
consultants ( like myself ) prefer hourly billing,
as I work 3 hours on salary for every 1 hour I bill.
I worked for a major IT company, salaried, with overtime compensation, but quit due to a high amount of nitpicking on the hours reported.
Also there were timesheets and all that crap - get's kinda boring to fill out a timesheet for an hour and 15 mins work that the company bills $150 for and then get hassled about those 15 mins.
My rule of thumb when doing salaried work is that an hour of overtime I work for a client I write down and want compensation for, an hour of overtime looking into an interesting question, installing some fun software on my ws etc. I don't ask compensation for.
Another good rule is - make the workplace a fun place to be, get rid of timesheets unless you need them.
Helllooo - please read the story prior to making comments - The problem revolves around a piece of software that's installed on the users computers which sends information about the users computer, music tastes etc. to the Real Player people. Sufficive to say I'll be setting the internet settings in my real player waaaay wron
I might've been a bit unclear here - .com wich in turn would send you to the nameserver for .foobar.com which would in turn see if there is a host in that domain named www and then return the ip adress to the original requester.
.com .org etc ) on top delegating requests to the appropriate domain name servers ( foobar.com, microsoft.com etc ) which keep records of hosts ( www.foobar.com ftp.foobar.com mail.microsoft.com etc )
the way hostnames are resolved today is that a query for www.foobar.com would go to the root server for
If you had a million tld's you'd need a million root servers, and your request for www.foobar.perty would have to be sent to all of them ( instead of a few requests today you send out a million requests )cause you wouldn't have
any hiearchy ( tree structure ).
right now the domain name structure is like a tree with a few root servers (
mainly because tld's don't work like that. when you want to access www.something.com, your computer has to translate that into the host machine's ip adress, so your tci/ip stack asks the .com resolver which machine is in charge of the .something subdomain of .com - goes to the machine in charge of .something.com and asks for the ip of host www in the something domain. id you could have any tld .inc .hippo .conartisist etc you'd need a main dns server for every tld and the net would slow to a halt with all the traffick going on trying to resolve hostnames to ip adresses.
Yes - if it's configured to do that.
All secure systems should tho C2 req.
setting the system to crash on full logs means that noone except admin can work on the machine
until it's reset, which means noone can do stuff without being logged.
So a user couldn't fill up the logs, then do/try anything he/she pleases without getting caught.
Like fill the logs and then d/l sensitive info, insert trojans, change settings etc.