Looking for free ISOs? Make my own? That's just what I was talking about, FYI. I don't care enough to somehow create my own iso, I simply download one and install it.
Hi Ulrich.
I did a quick search for where you might be located, to point you to an appropriate ftp server if you ever change your mind and noticed that you're into some interesting languages, including assembler. So I wouldn't be calling you a dumbass. ; )
If at some stage in the future you might like to try making your own OpenBSD CD. It is quick and easy for i386.
From one of the ftp sites like ftp://ftp.de.openbsd.org/pub/OpenBSD/3.8/i386 just download the files in that directory and use cdrom38.fs as the 2.88Mb boot floppy image as an El-Torito boot image. You should be able to do this no problem with mkisofs, I'm lazy and just use Nero from a Windows machine, but I should script it one day.
Typically your arch of choice will be about 150Mb. For stuff like sparc64 and macppc I use the appropriate cdrom38.iso image and then perform a network install or swap CD's when it comes time to copy files off the CD if you choose to install from CD.
I like NetBSD, because it's fast enough IMHO, and very clean and well documented. If you want maximum performance, and maybe more multimedia drivers, get FreeBSD; if you're paranoid, use OpenBSD.
I think there is a lot more to OpenBSD though. I find it is very clean in layout and the documentation is great. OpenBSD also has some cool features and great WiFi support.
I love using them all BTW. I use OpenBSD whenever I don't need extreme speed. I really wish OpenBSD had unified buffer cache, I find NetBSD's UBC is hyper fast and I assume FreeBSD also has UBC because it is also that fast (a little faster). To test this, make a large file (must be larger than half your RAM size) and then write a script to read it over and over and couple thousand times. Perhaps insert an echo into the loop to show the current iteration number. FreeBSD and NetBSD are hyper fast, OpenBSD is much slower (the performance delta depends on the difference between RAM and disk speed) and the various Linux distros I've tried seem to be broken when trying this (ridiculously slow).
You should note that NetBSD and FreeBSD read the file off disk once (disk light activity seen) and then read the file over and over again from RAM (disk activity light out). With OpenBSD the disk activity light is constantly on for each iteration (Due to simultaneous caching AND buffering? Because more that half RAM size can't fit in RAM twice?). I thought Linux had UBC but it also has the disk activity light constantly on, yet it is MUCH MUCH slower than OpenBSD!
What's the story here? When I was testing this I was expecting newer distros of Linux (SuSE 10, Ubuntu) to be a little faster than FreeBSD.
Everything stays consistent over the long term, so instead of continually re-learning the latest python-based gui-goop config utility, you gradually learn what each and every line in the important files in/etc is for.
That's what I love about the BSD's. I can install OpenBSD, NetBSD or FreeBSD in minutes with X because they are consistent and not bloated. I mostly use OpenBSD, however once I start installing one of the others, the differences come back to me quickly because they have each been consistent.
I love that. They are familiar tools for me and which enable me to work at my capacity. Trying something and then finding that it fails because something has been deprecated or replaced is not good. I think that shows an experimental feel to the various Linux distros which indulge in those "improvements".
Where are such tools? If I knew such things existed, I would have experimented in "bricking" some of my machines YEARS ago
Well there is UNIFLASH with source code. Then there are the likes of CBROM and AMIBCP to modify BIOS images and remove and add/enable drivers, functionality and boot screen graphics. Here and here are good places for info and tools.
here is a link you can find more by searchiung around. Mainboard manufacturer support sites like msi's even have instructions for it
Thanks very much for that. That is one to bookmark!
From the sounds of the first paragraph regarding AMI recovery, at least the boot block portion of the BIOS must be working. I've just been tinkering with BIOS modification (of AMI) recently because my Sony VAIO has very basic options available and I seem to be having ACPI issues preventing FreeBSD 6.0 Rel from being installed. So I am trying to unlock the usual options. I noticed during this that the default behaviour of an AMI BIOS flashing is to flash the new BIOS without touching the boot block or config area of the BIOS. So this is why. Cool.
The whole BIOS can be flashed over, however I doubt that is ever done by default or even something someone could accidentally do without using specific command line switches.
The scary thing with my VAIO is, it has no floppy controller or drive and also refuses to boot from an external USB floppy drive. So I am treading very carefully.
He made one really valid point in my eyes. As much as OpenBSD can harp about how secure they are can they harp about how they include all the usability functions and features that XP does in the default install?
"Usability" for who? I work in computer forensics and perform analysis on various types of files. For me a lot of usability comes from Unix like operating systems. I mostly prefer to use the BSD's for this because I have flexibility to script my way quickly around some hairy problems, which is only limited by my imagination.
I don't want the crud that comes with XP and XP does not come with the powerful tools which enable me to work so effectively in OpenBSD for example. Also, the foundation of an OS, the kernel, is pretty damn important. OpenBSD gets it right with little resources, but Microsoft gets it very wrong with INCREDIBLE resources.
I don't believe it is valid to say, "sure we give you lots of security problems, but we also give lots more software". Regardless, they have mind boggling resources, so why not compare thier SHIT with Apple's OSX? Lets see him talk his way out of that one.
His claim is that OpenBSD is only one part of the "stack", and the other parts that Theo doesn't care about have all the common issues.
I think you need to show some minimal reading comprehension because he did NOT say that. He refered to OpenBSD as securing only one part of the stack and refered to that stack as being the kernel.
Well this is just completely wrong. Maybe he is trying to perform a subtle attack on OpenBSD as he would on Linux ("Linux is a kernel"). However OpenBSD is not just/bsd, it is the whole system which is installed by default. This includes the install media images, installer, filesystem layout and permissions, mount options, defaults in configuration files, all the installed userspace utilities, some 3rd party applications like Perl, Apache and Sendmail and good documentation helps retain security for people who are willing to read, etc.
Now lets see, OpenBSD audits and takes care of their own Apache tree. So he is WRONG on that for the installed by default www server in OpenBSD. They audit the version of Sendmail which they provide. So he is WRONG on that for the installed by default mail server in OpenBSD. They audit the version of Perl which they provide in a default install. Se he is WRONG yet again. Same deal for all the userspace stuff installed by default which is NOT the kernel.
Mike Nash is either a very stupid ignorant man, or a deceitful liar.
I expect nothing less than SCUM from Microsoft though.
I wasn't talking about dual bios or anyhting. I'm talking about changing the name of a flash rom and inserting it into a floppy at startup.
Since before the pentium branding chips cam about,some/most hardware would look directly at the floppy drive for instructions if the bios didn't provide any alternatives. You would rename a bios rom from Whatever.bin to amiboot.rom place it on a floppy by itself then boot the computer. Sometimes you had to hit crt+home. Wait ofr several beeps to occur then remov ethe floppy and reboot the computer. Ala recovered. Sometimes you had to create a autoexec.bat file to run a flash program but most of the time, the AMIBOOT.ROM worked.
Do you have any links to these procedures? I've never heard of anything like this. It sounds really odd because the job of the BIOS is to find and initialize the hardware (on motherboard and attached to the motherboard) and then boot whatever the BIOS was instructed to boot (floppy, CDROM, HDD, NIC, etc). Those first need to be found and initialized by the BIOS to typically be accessible though. Whenever I've seen a machine with a bung BIOS, it would just do nothing when you switch it on. No HDD or floppy accesses, nothing.
You mention that you copy and rename a BIOS image file to floppy and the hardware would deal with it automatically. So this means that the motherboard has logic to deal with FAT12 at a level lower than the BIOS. Also what good is an autoexec.bat if you have no BIOS to boot the boot sector which boots a kernel or boot loader which then boots a kernel which then parses autoexec.bat?
I would be astonished that I have not heard about this before, if this is true.
From my knowledge, the basic boot process goes 1. very basic chipset code which executes 2. BIOS which probes and inits hardware then reads it's config to then boot 3. some boot sector on a boot compatible device which has been prior detected and readied for such accesses.
I have heard about this technique you are speaking of, but that was with motherboards which had a dual BIOS, where you had the full configurable BIOS and then an extremely basic read-only recovery BIOS.
I'm amazed that people are even swaping the chips. Most modern bios' have had a way to recover form a corupt/failed bios for years.
I did this mostly with old Socket 7's. I know there are some nice mobos with dual BIOS and fancy protection for a failed flash or chip, but I never came across any which I actually had to flash.
You do know it's typically a Bad Idea to swap cards, chips, memory, etc. while a computer* is running, right? That's what makes his success noteworthy.
This is not all that uncommon a procedure though. I've done this with some old boards. I tend to use the machines I find on the street for swapping live EEPROMS though.
Once I accidentally put an EEPROM back in the wrong way around (unforgivable with my electronics background) and the little plastic sticker which normally would cover the window (which was not actually there on this chip) blistered from the heat almost instantly. I switched it off real quick, the chip was unbearably hot to touch, but once it cooled down and I placed it the correct way around, it worked fine to my complete astonishment!
I wasn't too worried because I have a tendency to take the EEPROM chips off dead mobos, to have spares for a rainy day.
I thought it was pretty cool when I first performed a live EEPROM swap and burn and have it actually work to resurrect a board. It also meant that I was able to feel a lot more confident modifying AWARD modular BIOS with driver removals and additions.
At the moment my BIOS woes include trying to get a replacement BIOS for my expensive Sony VAIO VGN-A49GP, because it has very few options and seemingly ACPI issues which I would like to just remedy or disable with a BIOS upgrade. I'm being a lot more cautious with this one though. ; ) AMI supposedly sell BIOS upgrades but they have not returned my emails. Flashing a $5,000 AU Sony laptop with a non-Sony firmware is a little scarey to say the least.
I think that many of the chipset makers are afraid of the legal liability that widespread software controllable radios could bring on. I'm actually suprised that some jackass hasn't been caught jamming police or airport radios.
In my part of the World, police radios use frequencies around 470MHz. Radios designed to transmit at 2.4GHz and 5GHz don't tend to work too well at 470MHz. It is not too hard to make a wide band receiver, however wideband transmitters tend to be efficient at a given band and then mostly terrible outside of that. Normally a transmitter designed to transmit of multiple bands, will actually have seperate transmit sections for each desired band. I have an old Yaesu FT-411 2m 144MHz-148MHz tranceiver. I modified it (digital unlock with some soldering) for wider receiver coverage, however this also allowed it to transmit on a slightly wider band. With the provided antenna and precise transmitter tuning, it is crap only a little outside of the intended band.
802.11b/g is close to the same frequencies which many cordless phones, mice, keyboards, microphones, etc work at, and dred of all dreds microwave ovens. My 802.11b card came with a simple spectrum analyzer with the software, so that the user can choose a quiet channel. I can always tell if someone near me or my girlfriend switches on the microwave oven, because connectivity goes to hell and the spectrum analyzer lights go nuts flashing around full power on every single channel. It doesn't help that my AP is quite far away, but anyway I think this shows that the FCC have chosen to lump consumer radio goods into the filthy garbage dump of the spectrum.
The FCC would not lump police radios near the deafening RF roar of the Worlds microwave ovens. Sure they may be sealed well, but only a little of that typically 1kWatt of RF at 2.4GHz needs to get out to mess with devices around the same freq.
The potential impact of this may mean the shutdown of Blackberry's network.
Surely this would not mean that the Blackberry network would be shutdown? Am I naive to think that this would instead mean that RIM's value would decend constantly, nobody would want to buy them EXCEPT for NTP, who would buy them at rock bottom prices and then aquire the network and most importantly the customer base (ie. high pressure money pipe) which goes with it?
"The" law seems to be grossly manipulated by good actors (plaintiffs, lawyers, attorneys, barristers, witnesses, etc) who work it for nothing but money. It seems that rather than seeing themselves needing to defend their property, they instead see opportunity to take someone elses "in the name of defending their own".
How many servers do you use to route traffic through? Can you give a rough outline of your network with a diagram?:]
You might have to imagine a 5 legged firewall seperating 4 internal networks (internal, server, VoIP and DMZ) from each other and the Internet.
2 servers in a seperate "server" network. One acts as a web/mail server and the other acts as a web proxy, dns and ntp time server. They are in their own "server" network and each also have their own appropriate internal pf config.
The internal network has very limited access to the internet "directly" (like only ssh), but can initiate connections to the server network for other essential services and also very limited access to the VoIP network to manage VoIP devices. But cannot ever allow connections to or from the DMZ network. The server, VoIP and DMZ networks can never initiate any connections to any other internal network, including "internal" (the only connections they can initiate are to the internet and then only on allowed ports and sometimes to allowed IP's).
The VoIP network is dedicated to VoIP traffic with appropriate rules.
The DMZ network is for messing around with networking and untrusted applications. Learning, experimentation, etc. The type of tinkering which I would only want to do with expendable machines on a worthless network.
I port forward selected ports on the external interface to the server, VoIP and DMZ networks, as need be.
I am also using prioritization and bandwidth throttling to ensure time critical applications (like VoIP, gaming, interactive ssh and empty acknowledgement packets) get the responsiveness and bandwidth (VoIP and gaming) they need. After that I prioritize stuff like web before mail, etc, leaving whatever remains (like P2P) to have the lowest priority and least bandwidth.
I log almost everything which is blocked, to a decent sized hard drive. The great thing about OpenBSD pf logging, is that it logs the actual packets. So I can later look at the traffic in as much detail as I would like (offline on a seperate machine with Ethereal for example).
This is only a home network, so I have tried to limit this setup to something managable as far as power and cabling goes. Part of me wants the super low power of Soekris or WRAP devices, but then the other part of me loves Sun gear way too much. If only I could get something like Soekris gear, but with an embedded sparc64 with Sun compatible OpenFirmware. If I could have 4 sparc64 machines running OpenBSD and each drawing 5 or 10 Watts, I would be pretty happy. I think I would pay WAY too much money for something like that. With about 20 machines in my home up and running and lots more in parts, I am surprised my girlfriend has not packed her bags by now. ; )
I'm sure many people probably would consider this overkill and I certainly don't need this elaborate setup. But this mostly just exists to feed my interest in networking.
I stopped using TOR when I discovered the name of one of the common exit nodes. I forget exactly what it was, but I kid you not, it was something like "datapirates.org".
I thought you were going to say, "I stopped using TOR when I discovered the name of one of the common exit nodes was *.navy.mil". Because that would not surprise me considering that it is based on an onion routing scheme developed by the US Navy.
You're MAC address isn't used outside of your subnet.
It will not always be the case that everyone within "ear shot" of your subnet is friendly to your dodgy ways.
Take this scenario: You jump onto one of the multitude of wide open WAP's in your neighbourhood to get up to some mischief. That person is raided with a search warrant (or if you're in the USA: with a twitchy GWB) and the forensics guys find a MAC address in the DHCP lease table of that WAP which does not match any of the suspects machines. They easily find out the vendor from the vendor portion of the MAC address and then contact that vendor, asking the vendor where that card was sold. Meanwhile, the elderly couple suspects seem innocent, since they're pretty IT clueless and no other evidence can be found on thier computers. So the vendor checks the MAC tables against batch numbers, finds the batch and then checks where that batch was sold. Sold to the such-and-such NewEgg. They contact NewEgg to find out exactly who bought that card or otherwise get a list of people who bought that model from that store. It just so happens, that ONE of the people on that list lives within 300m of the suspect.
They pay YOU a visit. Feeling cocky because you used some random persons WAP, you carelessly left the evidence of your wrong doings on your PC which has that very MAC address.
That's the remaining gotcha that can reliably get you ID'd.
About a year ago, just for the heck of it, I wrote a script to modify my MAC address to random values, each time the interface is brought up. Worked fine as long as the first digit (0) (or was it first 2 digits (00) were set to zero. I was having problems with it and noticed that these problems only occured when they were non zero values. I assumed non-zero values for the first certain number of bits made the address somehow invalid.
I never really used it out of my initial interest and never bothered looking up the RFC to find out why.
ingress: packets coming in. egress: packets going out.
Firewalls can be configured to selectively allow traffic coming in or even block all traffic coming in. Same deal for traffic going out. Apparently Anonym.OS is configured to only allow encrypted traffic to leave the machine it is running on and only allow the replies to that traffic back in and nothing else.
Often people will block incoming traffic, allow ALL outgoing traffic and allow incoming replies to that outgoing traffic. I prefer to block all incoming and only allow outgoing for allowed ports with the associated replies of course being allowed in. Most of my outgoing traffic must first pass through servers in a seperate network, with each network having explicit allow rules for traffic between each other and the internet. This seems extreme to some people, however the only real cost is less idle time on my 5 port Sun firewall (OpenBSD). As long as my firewall does not spend too much time with idle at 0%, I feel this "cost" is well worth the added security. At the end of the day, I notice no impact as a user, nor does my girlfriend.
Slashdot Mirror
Starcraft+Broodwar
Diablo II
Battlefield 2 (until BF3 comes out)
When are Blizzard going to come out with a Starcraft 2? SC is excellent.
Looking for free ISOs? Make my own? That's just what I was talking about, FYI. I don't care enough to somehow create my own iso, I simply download one and install it.
Hi Ulrich.
I did a quick search for where you might be located, to point you to an appropriate ftp server if you ever change your mind and noticed that you're into some interesting languages, including assembler. So I wouldn't be calling you a dumbass. ; )
If at some stage in the future you might like to try making your own OpenBSD CD. It is quick and easy for i386.
From one of the ftp sites like ftp://ftp.de.openbsd.org/pub/OpenBSD/3.8/i386 just download the files in that directory and use cdrom38.fs as the 2.88Mb boot floppy image as an El-Torito boot image. You should be able to do this no problem with mkisofs, I'm lazy and just use Nero from a Windows machine, but I should script it one day.
Typically your arch of choice will be about 150Mb. For stuff like sparc64 and macppc I use the appropriate cdrom38.iso image and then perform a network install or swap CD's when it comes time to copy files off the CD if you choose to install from CD.
There are some good guides for doing this.
Must be a bug.
Speaking of bugs. Has slashdot been really slow lately (every now and then) for anyone else here or just me?
I like NetBSD, because it's fast enough IMHO, and very clean and well documented. If you want maximum performance, and maybe more multimedia drivers, get FreeBSD; if you're paranoid, use OpenBSD.
I think there is a lot more to OpenBSD though. I find it is very clean in layout and the documentation is great. OpenBSD also has some cool features and great WiFi support.
I love using them all BTW. I use OpenBSD whenever I don't need extreme speed. I really wish OpenBSD had unified buffer cache, I find NetBSD's UBC is hyper fast and I assume FreeBSD also has UBC because it is also that fast (a little faster). To test this, make a large file (must be larger than half your RAM size) and then write a script to read it over and over and couple thousand times. Perhaps insert an echo into the loop to show the current iteration number. FreeBSD and NetBSD are hyper fast, OpenBSD is much slower (the performance delta depends on the difference between RAM and disk speed) and the various Linux distros I've tried seem to be broken when trying this (ridiculously slow).
You should note that NetBSD and FreeBSD read the file off disk once (disk light activity seen) and then read the file over and over again from RAM (disk activity light out). With OpenBSD the disk activity light is constantly on for each iteration (Due to simultaneous caching AND buffering? Because more that half RAM size can't fit in RAM twice?). I thought Linux had UBC but it also has the disk activity light constantly on, yet it is MUCH MUCH slower than OpenBSD!
What's the story here? When I was testing this I was expecting newer distros of Linux (SuSE 10, Ubuntu) to be a little faster than FreeBSD.
Everything stays consistent over the long term, so instead of continually re-learning the latest python-based gui-goop config utility, you gradually learn what each and every line in the important files in /etc is for.
That's what I love about the BSD's. I can install OpenBSD, NetBSD or FreeBSD in minutes with X because they are consistent and not bloated. I mostly use OpenBSD, however once I start installing one of the others, the differences come back to me quickly because they have each been consistent.
I love that. They are familiar tools for me and which enable me to work at my capacity. Trying something and then finding that it fails because something has been deprecated or replaced is not good. I think that shows an experimental feel to the various Linux distros which indulge in those "improvements".
That's a lot of toast!
In Soviet Russia, toast eats you!
What about EFI?
What about OpenFirmware in my Sun machines with the PROM read-only jumper set ON?
; )
Where are such tools? If I knew such things existed, I would have experimented in "bricking" some of my machines YEARS ago
Well there is UNIFLASH with source code. Then there are the likes of CBROM and AMIBCP to modify BIOS images and remove and add/enable drivers, functionality and boot screen graphics. Here and here are good places for info and tools.
I wish I could use BSD. Unfortunately, I am on the PPC platform (I own a Powerbook).
Don't like OSX?
here is a link you can find more by searchiung around. Mainboard manufacturer support sites like msi's even have instructions for it
Thanks very much for that. That is one to bookmark!
From the sounds of the first paragraph regarding AMI recovery, at least the boot block portion of the BIOS must be working. I've just been tinkering with BIOS modification (of AMI) recently because my Sony VAIO has very basic options available and I seem to be having ACPI issues preventing FreeBSD 6.0 Rel from being installed. So I am trying to unlock the usual options. I noticed during this that the default behaviour of an AMI BIOS flashing is to flash the new BIOS without touching the boot block or config area of the BIOS. So this is why. Cool.
The whole BIOS can be flashed over, however I doubt that is ever done by default or even something someone could accidentally do without using specific command line switches.
The scary thing with my VAIO is, it has no floppy controller or drive and also refuses to boot from an external USB floppy drive. So I am treading very carefully.
Are you counting your patches for Apache, and Perl or PHP or whatever other CGI, and so forth? Are those considered part of OpenBSD?
Apache and Perl are considered a part of OpenBSD and they are maintained in-project seperately from the official Apache and Perl.
He made one really valid point in my eyes. As much as OpenBSD can harp about how secure they are can they harp about how they include all the usability functions and features that XP does in the default install?
"Usability" for who? I work in computer forensics and perform analysis on various types of files. For me a lot of usability comes from Unix like operating systems. I mostly prefer to use the BSD's for this because I have flexibility to script my way quickly around some hairy problems, which is only limited by my imagination.
I don't want the crud that comes with XP and XP does not come with the powerful tools which enable me to work so effectively in OpenBSD for example. Also, the foundation of an OS, the kernel, is pretty damn important. OpenBSD gets it right with little resources, but Microsoft gets it very wrong with INCREDIBLE resources.
I don't believe it is valid to say, "sure we give you lots of security problems, but we also give lots more software". Regardless, they have mind boggling resources, so why not compare thier SHIT with Apple's OSX? Lets see him talk his way out of that one.
His claim is that OpenBSD is only one part of the "stack", and the other parts that Theo doesn't care about have all the common issues.
/bsd, it is the whole system which is installed by default. This includes the install media images, installer, filesystem layout and permissions, mount options, defaults in configuration files, all the installed userspace utilities, some 3rd party applications like Perl, Apache and Sendmail and good documentation helps retain security for people who are willing to read, etc.
I think you need to show some minimal reading comprehension because he did NOT say that. He refered to OpenBSD as securing only one part of the stack and refered to that stack as being the kernel.
Well this is just completely wrong. Maybe he is trying to perform a subtle attack on OpenBSD as he would on Linux ("Linux is a kernel"). However OpenBSD is not just
Now lets see, OpenBSD audits and takes care of their own Apache tree. So he is WRONG on that for the installed by default www server in OpenBSD. They audit the version of Sendmail which they provide. So he is WRONG on that for the installed by default mail server in OpenBSD. They audit the version of Perl which they provide in a default install. Se he is WRONG yet again. Same deal for all the userspace stuff installed by default which is NOT the kernel.
Mike Nash is either a very stupid ignorant man, or a deceitful liar.
I expect nothing less than SCUM from Microsoft though.
Hell, go look back through old branches of OpenBSD and you'll see a litany of flaws silently patched over the years.
Flaws? Bugs? Not all bugs are capable of causing a DoS or remote exploit.
OpenBSD users are warned of IMPORTANT errata. However users can always upgrade to -stable at any point and as often as they wish.
They are not "silently patched" when you consider every single patch is commited to an open CVS.
I wasn't talking about dual bios or anyhting. I'm talking about changing the name of a flash rom and inserting it into a floppy at startup.
Since before the pentium branding chips cam about,some/most hardware would look directly at the floppy drive for instructions if the bios didn't provide any alternatives. You would rename a bios rom from Whatever.bin to amiboot.rom place it on a floppy by itself then boot the computer. Sometimes you had to hit crt+home. Wait ofr several beeps to occur then remov ethe floppy and reboot the computer. Ala recovered. Sometimes you had to create a autoexec.bat file to run a flash program but most of the time, the AMIBOOT.ROM worked.
Do you have any links to these procedures? I've never heard of anything like this. It sounds really odd because the job of the BIOS is to find and initialize the hardware (on motherboard and attached to the motherboard) and then boot whatever the BIOS was instructed to boot (floppy, CDROM, HDD, NIC, etc). Those first need to be found and initialized by the BIOS to typically be accessible though. Whenever I've seen a machine with a bung BIOS, it would just do nothing when you switch it on. No HDD or floppy accesses, nothing.
You mention that you copy and rename a BIOS image file to floppy and the hardware would deal with it automatically. So this means that the motherboard has logic to deal with FAT12 at a level lower than the BIOS. Also what good is an autoexec.bat if you have no BIOS to boot the boot sector which boots a kernel or boot loader which then boots a kernel which then parses autoexec.bat?
I would be astonished that I have not heard about this before, if this is true.
From my knowledge, the basic boot process goes 1. very basic chipset code which executes 2. BIOS which probes and inits hardware then reads it's config to then boot 3. some boot sector on a boot compatible device which has been prior detected and readied for such accesses.
I have heard about this technique you are speaking of, but that was with motherboards which had a dual BIOS, where you had the full configurable BIOS and then an extremely basic read-only recovery BIOS.
I'm amazed that people are even swaping the chips. Most modern bios' have had a way to recover form a corupt/failed bios for years.
I did this mostly with old Socket 7's. I know there are some nice mobos with dual BIOS and fancy protection for a failed flash or chip, but I never came across any which I actually had to flash.
Check this video out. These guys are overclocking an AMD and pull the heatsink off...
Blown AMD
Looks like that one didn't make it and is now in silicon heaven. ; )
I wonder if that was for real or it had some small calibre help? Shocking (not the chip, the other thing which I won't spoil for you all).
Too ex-trame! ; )
You do know it's typically a Bad Idea to swap cards, chips, memory, etc. while a computer* is running, right? That's what makes his success noteworthy.
This is not all that uncommon a procedure though. I've done this with some old boards. I tend to use the machines I find on the street for swapping live EEPROMS though.
Once I accidentally put an EEPROM back in the wrong way around (unforgivable with my electronics background) and the little plastic sticker which normally would cover the window (which was not actually there on this chip) blistered from the heat almost instantly. I switched it off real quick, the chip was unbearably hot to touch, but once it cooled down and I placed it the correct way around, it worked fine to my complete astonishment!
I wasn't too worried because I have a tendency to take the EEPROM chips off dead mobos, to have spares for a rainy day.
I thought it was pretty cool when I first performed a live EEPROM swap and burn and have it actually work to resurrect a board. It also meant that I was able to feel a lot more confident modifying AWARD modular BIOS with driver removals and additions.
At the moment my BIOS woes include trying to get a replacement BIOS for my expensive Sony VAIO VGN-A49GP, because it has very few options and seemingly ACPI issues which I would like to just remedy or disable with a BIOS upgrade. I'm being a lot more cautious with this one though. ; ) AMI supposedly sell BIOS upgrades but they have not returned my emails. Flashing a $5,000 AU Sony laptop with a non-Sony firmware is a little scarey to say the least.
I think that many of the chipset makers are afraid of the legal liability that widespread software controllable radios could bring on. I'm actually suprised that some jackass hasn't been caught jamming police or airport radios.
In my part of the World, police radios use frequencies around 470MHz. Radios designed to transmit at 2.4GHz and 5GHz don't tend to work too well at 470MHz. It is not too hard to make a wide band receiver, however wideband transmitters tend to be efficient at a given band and then mostly terrible outside of that. Normally a transmitter designed to transmit of multiple bands, will actually have seperate transmit sections for each desired band. I have an old Yaesu FT-411 2m 144MHz-148MHz tranceiver. I modified it (digital unlock with some soldering) for wider receiver coverage, however this also allowed it to transmit on a slightly wider band. With the provided antenna and precise transmitter tuning, it is crap only a little outside of the intended band.
802.11b/g is close to the same frequencies which many cordless phones, mice, keyboards, microphones, etc work at, and dred of all dreds microwave ovens. My 802.11b card came with a simple spectrum analyzer with the software, so that the user can choose a quiet channel. I can always tell if someone near me or my girlfriend switches on the microwave oven, because connectivity goes to hell and the spectrum analyzer lights go nuts flashing around full power on every single channel. It doesn't help that my AP is quite far away, but anyway I think this shows that the FCC have chosen to lump consumer radio goods into the filthy garbage dump of the spectrum.
The FCC would not lump police radios near the deafening RF roar of the Worlds microwave ovens. Sure they may be sealed well, but only a little of that typically 1kWatt of RF at 2.4GHz needs to get out to mess with devices around the same freq.
I don't know how good 802.11a 5GHz goes. Anyone?
that this actually could kill RIM.
The potential impact of this may mean the shutdown of Blackberry's network.
Surely this would not mean that the Blackberry network would be shutdown? Am I naive to think that this would instead mean that RIM's value would decend constantly, nobody would want to buy them EXCEPT for NTP, who would buy them at rock bottom prices and then aquire the network and most importantly the customer base (ie. high pressure money pipe) which goes with it?
"The" law seems to be grossly manipulated by good actors (plaintiffs, lawyers, attorneys, barristers, witnesses, etc) who work it for nothing but money. It seems that rather than seeing themselves needing to defend their property, they instead see opportunity to take someone elses "in the name of defending their own".
How many servers do you use to route traffic through? Can you give a rough outline of your network with a diagram? :]
You might have to imagine a 5 legged firewall seperating 4 internal networks (internal, server, VoIP and DMZ) from each other and the Internet.
2 servers in a seperate "server" network. One acts as a web/mail server and the other acts as a web proxy, dns and ntp time server. They are in their own "server" network and each also have their own appropriate internal pf config.
The internal network has very limited access to the internet "directly" (like only ssh), but can initiate connections to the server network for other essential services and also very limited access to the VoIP network to manage VoIP devices. But cannot ever allow connections to or from the DMZ network. The server, VoIP and DMZ networks can never initiate any connections to any other internal network, including "internal" (the only connections they can initiate are to the internet and then only on allowed ports and sometimes to allowed IP's).
The VoIP network is dedicated to VoIP traffic with appropriate rules.
The DMZ network is for messing around with networking and untrusted applications. Learning, experimentation, etc. The type of tinkering which I would only want to do with expendable machines on a worthless network.
I port forward selected ports on the external interface to the server, VoIP and DMZ networks, as need be.
I am also using prioritization and bandwidth throttling to ensure time critical applications (like VoIP, gaming, interactive ssh and empty acknowledgement packets) get the responsiveness and bandwidth (VoIP and gaming) they need. After that I prioritize stuff like web before mail, etc, leaving whatever remains (like P2P) to have the lowest priority and least bandwidth.
I log almost everything which is blocked, to a decent sized hard drive. The great thing about OpenBSD pf logging, is that it logs the actual packets. So I can later look at the traffic in as much detail as I would like (offline on a seperate machine with Ethereal for example).
This is only a home network, so I have tried to limit this setup to something managable as far as power and cabling goes. Part of me wants the super low power of Soekris or WRAP devices, but then the other part of me loves Sun gear way too much. If only I could get something like Soekris gear, but with an embedded sparc64 with Sun compatible OpenFirmware. If I could have 4 sparc64 machines running OpenBSD and each drawing 5 or 10 Watts, I would be pretty happy. I think I would pay WAY too much money for something like that. With about 20 machines in my home up and running and lots more in parts, I am surprised my girlfriend has not packed her bags by now. ; )
I'm sure many people probably would consider this overkill and I certainly don't need this elaborate setup. But this mostly just exists to feed my interest in networking.
I stopped using TOR when I discovered the name of one of the common exit nodes. I forget exactly what it was, but I kid you not, it was something like "datapirates.org".
I thought you were going to say, "I stopped using TOR when I discovered the name of one of the common exit nodes was *.navy.mil". Because that would not surprise me considering that it is based on an onion routing scheme developed by the US Navy.
You're MAC address isn't used outside of your subnet.
It will not always be the case that everyone within "ear shot" of your subnet is friendly to your dodgy ways.
Take this scenario: You jump onto one of the multitude of wide open WAP's in your neighbourhood to get up to some mischief. That person is raided with a search warrant (or if you're in the USA: with a twitchy GWB) and the forensics guys find a MAC address in the DHCP lease table of that WAP which does not match any of the suspects machines. They easily find out the vendor from the vendor portion of the MAC address and then contact that vendor, asking the vendor where that card was sold. Meanwhile, the elderly couple suspects seem innocent, since they're pretty IT clueless and no other evidence can be found on thier computers. So the vendor checks the MAC tables against batch numbers, finds the batch and then checks where that batch was sold. Sold to the such-and-such NewEgg. They contact NewEgg to find out exactly who bought that card or otherwise get a list of people who bought that model from that store. It just so happens, that ONE of the people on that list lives within 300m of the suspect.
They pay YOU a visit. Feeling cocky because you used some random persons WAP, you carelessly left the evidence of your wrong doings on your PC which has that very MAC address.
That's the remaining gotcha that can reliably get you ID'd.
About a year ago, just for the heck of it, I wrote a script to modify my MAC address to random values, each time the interface is brought up. Worked fine as long as the first digit (0) (or was it first 2 digits (00) were set to zero. I was having problems with it and noticed that these problems only occured when they were non zero values. I assumed non-zero values for the first certain number of bits made the address somehow invalid.
I never really used it out of my initial interest and never bothered looking up the RFC to find out why.
What's ingress and egress mean to a non techie?
ingress: packets coming in.
egress: packets going out.
Firewalls can be configured to selectively allow traffic coming in or even block all traffic coming in. Same deal for traffic going out. Apparently Anonym.OS is configured to only allow encrypted traffic to leave the machine it is running on and only allow the replies to that traffic back in and nothing else.
Often people will block incoming traffic, allow ALL outgoing traffic and allow incoming replies to that outgoing traffic. I prefer to block all incoming and only allow outgoing for allowed ports with the associated replies of course being allowed in. Most of my outgoing traffic must first pass through servers in a seperate network, with each network having explicit allow rules for traffic between each other and the internet. This seems extreme to some people, however the only real cost is less idle time on my 5 port Sun firewall (OpenBSD). As long as my firewall does not spend too much time with idle at 0%, I feel this "cost" is well worth the added security. At the end of the day, I notice no impact as a user, nor does my girlfriend.