Slashdot Mirror


User: Cramer

Cramer's activity in the archive.

Stories
0
Comments
3,954
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 3,954

  1. Re:Low level it. on Not-So-Clean Hard Drives For Sale · · Score: 2, Informative

    If the drive needs a low-level format, it SHOULD be sent back. A modern hard drive should never need a field reformat within it's design lifetime.

    (If you disable thermal recalibration on the drive, you'll get what you asked for. I don't know if you can even do that anymore -- "AV" drives used to have that as an "option" for bursts of increased speed.)

  2. Re:ICANN.... on ICANN Budget Questioned · · Score: 2, Interesting

    I read their "budget"... accordingly, they are paying an average of $93k per employee. That's insane. And seeing as that's an average, I'd bet 70% of that line item is in the executives pockets. Nothing ICANN is supposed to do is worth that kind of cash. (I'll never understand the need to give CEO's 250k$ + millions in extras. They don't do shit to deserve it.)

    As for IANA... what the f*** do they need with 5.8mil? They really don't do hardly anything. They don't host root name servers or run any part of the internet infrastructure. (if IANA went poof tomorrow, the internet wouldn't even notice. they provide valuable services, just not active, critical services.) They deligate address space, assign ASN's, and maintain the associated database(s) for those deligations (and bill for them.) I've built and maintained the same thing for ISPs -- it's not that f'ing difficult. Seeing how they bill for most of what they do, why would they need so much from ICANN?

  3. Re:I've noted a big problem... on Akamai Having Problems? · · Score: 1

    Reverse DNS is the responsibility of the hosting ISP. And yes, they are required to maintain reverse dns entires for the address range assigned to the caches.

    I've installed Akamai cache servers before. I don't remember the terms of the contract but I do remember this as a line item on the pre-installation check list.

  4. Re:In related news... on Safe and Insecure? · · Score: 1

    Nah, they are responsible for paying for their actions. With enough money, one can buy themselves out of any hole.

  5. Re:In related news... on Safe and Insecure? · · Score: 1

    Do CD-R and DVD-R makers plaster you with these warnings? Does the software you use to make and/or copy CDs also pester you with legal disclaimers? No. There may be one in the EULA, but nobody reads them. And if they do, it's only once and right to the trash.

  6. Re:In related news... on Safe and Insecure? · · Score: 1

    Not necessarily. However, Panera is not throwing away their logs either.

  7. Re:In related news... on Safe and Insecure? · · Score: 2, Interesting

    "Very carefully"

    It'll obviously come down to the individual case and circumstances. For example, nobody would would beleive my attempt to use such a defense. But it'd be an easy sell for my parents or sister. AND, you only get to use this defense once; after that, you damn well better be able to show that you've at least tried to secure your network.

    In the specific case pointed out in the article, he has taken clearly evident steps to permit (or _aid_) illegal activities... he turned off the DHCP server's logs. Beyond that, the AP is basically "out of the box". That's merely stupid -- if accessing your *new* wireless network is as simple as taking out of the box and your laptop starts using it without any configuration from you, why can't you understand it'll be that easy for anyone within radio range?

  8. Re:In related news... on Safe and Insecure? · · Score: 1

    I'm not a lawyer, so no; I don't wander around with a law library. Go search groklaw or talk to your own lawyer (on your dime.)

    Any real lawyer would be able to beat you over the head with a truck load of case law of people acting with wreckless disreguard (on both sides of the coin.)

  9. Re:In related news... on Safe and Insecure? · · Score: 4, Insightful

    Comcast is protected by "Common Carrier" provisions -- "the law". You and I are not. As you would be acting with wreckless disreguard, the courts could very well hold you legally responsible for what goes on by way of your intentionally unsecured wireless network. And Comcast and all the others under the common carrier umbrella won't give a single damn. (In fact, most would simply terminate your account for various TOS violations.)

    In a civilized society, you are responsible for your actions.

  10. Re:Stolen from the #1 Security Company? on Possible Cisco Source Code Theft · · Score: 1
    Not easily. And not in any means that is not easily detectable if the admins are awake. Let me enumerate several such methods:
    • Physical network tap
      Install a device to replicate the electrical (or optical) signals. Various such devices are available on the market. They are not complicated devices. Such a method requires physical access to the network; and anyone can tell you, if a hacker can touch it, it ain't gonna stay secure for long. (eg. if a hacker is sniffing passwords via a physical tap, you've got some serious security issues.)
    • Port Spanning - (aka. mirroring, monitor ports, etc.)
      Such a feat would require access to at least one other machine and one of the switches. This is very difficult without inside help and/or knowledge. (i.e. compromise their network sniffer, IDS, firewall...) [This is not technically "sniffing passwords" as you've configured the network to intentionally hand someone a copy of all the packets. But I won't argue this point.]
    • Unicast Flooding
      Misconfigure the network (read: screw up the network) so all the traffic is broadcast, or more accurately, unicast flood, throughout the switch/network. Depending on the switch, this can range from simple to nearly impossible. High-End Cisco switches lean towards the latter. Any managed switch is very likely to generate administrative notices when something like this happens.
    • MAC Spoofing
      This is alot like the unicast flood method, except you lie to the switch and say you are the machine that should be getting the traffic. LaBrea does this, btw. Expect the same type of notices as the switch notes address mismatches and collisions. Don't be surprised if the switch disables one or both ports -- I've seen a Cisco 2948 disable ports because of address flapping (overlapping wireless bridges.)
  11. Re:Heh... on Possible Cisco Source Code Theft · · Score: 1

    The devices listed are "simple" and mostly EOL'd. Most of the modern hardware contains multiple FPGA's and subprocessors that also need to be programed. Good luck getting the NSE's PXF engine online without Cisco's code.

    The 2500 is basically a mac SE. The 3000 and 4000 are not much more advanced than the 2500, although they are modular.

  12. Re:Open source safer ?? doubtful on Possible Cisco Source Code Theft · · Score: 1

    True. However, CCxx is far less difficult today than it was a few years ago.

  13. Re:Stolen from the #1 Security Company? on Possible Cisco Source Code Theft · · Score: 1
    • 90% of their products don't come standard with SSH
    ... export regulations. And as much as people hate telnet, in this case, it is not the root of all evil. Who's going to sniff your login/password? And exactly how the hell did they get access to that switched network segment? If your routers and management systems are on hubs, then you really are an idiot.
  14. Re:Rest In Peace on What Happens To Your Data When You Die? · · Score: 1
    • ... Does that make me a damn good historian
    No, that makes you a dumbass that went to a museum. There used to be a fair number of IBM System/36's in the world. Do you have a manual for one of those? Doubtful. Can you get your filthy hands on one? Maybe. I didn't ask if the locksmith could get documentation; I said "if he has docs". *I* can search for that safe's plan just like anyone else. And you need to be made aware, documents become lost with alarming frequency -- my grandmother doesn't have a birth certificate because the county court house burned to the ground back in the '30s (and before you say "get one from the hospital", people didn't go to the hospital to give birth back then.) (historians cannot archive everything that has ever been. some things just aren't important.)

    • The tumblers ARE detectable
    As you have NO FUCKING IDEA what safe we're talking about and have never listened for the tumblers, you have no fucking clue what can or cannot be detected. The dial has a governor that insures even force -- you cannot tell if you're spinning one tumbler or six. That governor also generates "noise" making it effectively impossible to hear the tumblers. Magnetic pick-ups are not effective as the tumblers (1) aren't magnetic, and (2) are behind 1+ inches of steal.

    The whole argument is moot as you'll never be cracking that safe anyway.
  15. Re:Was it easy? Why was it not major? on Sprint Routers Stolen; NYC Internet Outage Ensues · · Score: 1

    Any telco grade network gear will support hot-swaps. In fact, 99% of the stuff in a telco co-lo is hot-swapable[*] and redundant... including the power plant.

    [*] Cisco definition: you don't have to turn the power off to swap cards. The router may require a reload (read: "it will crash") afterwards. (There have been thousands of bugs w.r.t. "OIR".)

  16. Re:Unmanned Vz facilities on Sprint Routers Stolen; NYC Internet Outage Ensues · · Score: 1
    • though I'd imagine stealing a DSLAM would be a bit tougher
    Nah... wire (i.e. bolt) cutters, a big wrench, and a hand truck: unbolt the rack from the floor and wheel the whole mess to your truck. :-)

    (Heh. That's how one Telco/ISP I know installed them.)
  17. Re:Unmanned Vz facilities on Sprint Routers Stolen; NYC Internet Outage Ensues · · Score: 1

    "free" is the right price. Stolen property is a Very Bad Idea (tm). I've always checked the serial numbers of all the "large" equipment I've ever purchased -- Cisco tracks the serial numbers of all their equipment, btw., and they make it a pain to get support on anything that has a void in that trail.

    Dot-com liquidations are the way most ISPs go. (You can find complete Lucent ATM switches on eBay. I once saw a Lucent 5ESS for sale -- buy has to come get it.)

  18. Re:Rest In Peace on What Happens To Your Data When You Die? · · Score: 1

    Re: the safe...
    1) I'm not talking about K-Mart crap... one can break into a kmart "safe" with a crowbar. My grandparent's safe wouldn't even be scratched by a crowbar.
    2) He'd be a damned good locksmith if he has docs on a 75+ year old safe. (It's probablly older than the basement where it's been since long before I was born.)
    3) You're not getting in this safe with a stethoscope... the tumblers make no discernible noise. (I tried that repeatedly in my youth -- knowing the combination.) Those guys knew what they were doing when they made this safe!

    Re: deposit boxes...
    Those things are not as easy to pick as you think. They are, however, very easily and quickly drilled out... which the bank will have to do anyway to replace the core for which they no long have a key.

  19. Re:Rest In Peace on What Happens To Your Data When You Die? · · Score: 3, Informative

    Unless those papers are in a safe to which no one remembers the combination. It'll be hard to get in that safe without incinerating the papers inside. Drilling and/or cutting the lock open will take several hours. (It'll be about like using a drimmel tool to cut a hole in a battle ship.)

  20. Re:You know... on Mitnick Helps Bust Bomb Hoaxer · · Score: 1

    "the fuzz" is american slang for the police.

  21. Re:It's a legal issue. on Mitnick Helps Bust Bomb Hoaxer · · Score: 2, Informative

    Indeed.... CALEA It's been around long enough that no police force should be unaware of the proper means for requesting call records. If you want CDRs, you don't call Bob down at the CO. (who isn't likely to know how to trace an active call much less fetch the records for calls from last week.)

  22. Re:Humm.... on Mitnick Helps Bust Bomb Hoaxer · · Score: 2, Informative

    It's very likely the police didn't ask the right people the right questions. If I called up Bellsouth to complain about prank calls, the usual operators that man the "main line" cannot do much to help -- they can put in a request to enable "detailed billing" to collect the numbers to then be blocked. HOWEVER, any police department should know to ask for the telco's fraud department or whomever would be handling court ordered phone taps -- as per CALEA, every telco is required to have a single point-of-contact for phone tap requests (that can be a tree of people to address vacations and such...) These are the people who know what to do, and usually the only people with access to all the puzzle pieces (i.e. contacts at other telcos to continue the trace.)

    [While I've never been part of a "fraud department", I have worked along side them. I was part of the "committee" (if 4 people count as a committee) drafting the guidelines for handling law enforcement requests: CSRs are to transfer calls from LEAs to the fraud department the instant they know they aren't asking about their own phone service; do not log or discuss calls from LEAs.]

  23. Re:You know... on Mitnick Helps Bust Bomb Hoaxer · · Score: 1

    Have you ever been in a shop class? Have you ever been a teacher?

    You cannot keep your eyes glued to ~30 students for the entire class. It only takes a minute or two to call in a bomb threat. It can take longer than that to hand out assignments, or break the call into groups. And in a shop class, it's noisy and the students spend a fair amount of time working independently (i.e. without a teacher standing over their shoulder the whole time.) For that matter, the kid could've phone the threat in from the bathroom and then returned to class before the fuzz nabbed him.

  24. Re:Hi-tech means to cover his tracks. on Mitnick Helps Bust Bomb Hoaxer · · Score: 2, Informative

    True. However, nothing will stop the generation of Call Detail Records from every switch through which the call traverses. It's only a matter of time before the CDRs can be chained together to find the (likely) source of the call. In this case, they waited for him to do it again to catch him in the act.

    (Note: it can take several days to fetch all the CDRs required to trace a offline call -- an active call can be traced in seconds (w/appropriate telco cooperation.) The more telcos involved, the bigger the pain.)

  25. Re:The "in crowd" gets slap-on-wrist on Mitnick Helps Bust Bomb Hoaxer · · Score: 1, Informative

    Nobody said she was a lesbian. She was making a statement in favor of homosexuality as "part of an English assignment." (It's a good excuse, but they still merit the 2 days suspension.)