I can report scans of port 53 with "interesting" payloads seen as early as 2am GMT.
The BIND 4 hole(s) is/are going to be a BITCH to exploit, certainly not impossible; but hard enough that it won't be suprising if such never sees wide distribution. Quoth the original advisory:
"In order to trigger this overflow, an attacker needs to get BIND to cache an NS record with a very large length. Furthermore, the attacker needs to cache a record for the resolution of the NS record that contains one of the problem conditions for the logging. This is achievable by sending a query to a recursive name server, asking it to resolve a large name that is under the authority of a malicious name server. The malicious name server then needs to refer the request to another name server also with a large name, and provide an additional record giving an invalid address for that name server.
The limitations placed upon the character set allowed in domain names makes the construction of a viable return address difficult. However, there is a potential for an attacker to make the name server return into memory that the attacker has forced the name server to allocate. In this case, vulnerability is contingent upon the location of the heap and the amount of memory available, as well as whether or not the operating system has a policy of lazy swap page allocation as opposed to an eager reservation policy. COVERT has verified that it is possible to exploit named running under Linux by growing the heap to sizes that far exceed that amount of memory and swap available. This was performed by utilizing specific patterns of memory allocation that maximize untouched memory."
"A little bit of powerdered aluminium would not have been hard to dig up... finding magnesium might have been difficult"
With all due respect, you are an idiot. Anything energetic enough to be useful for rocketry is DANGEROUS; even match-head rockets cost fingers and such for those who play with these things without proper precautions.
I'd like to think that I could come up with a reasonable rocket fuel given 10 hours in their junkyard, nothing near as safe as the perchlorate based engines they had, but something useable. Even lifelong experts would treat it as potentially more powerful than TNT and less stable than nitroglycerine, because the history of rocketry and of explosives are riddled with the splattered remnants of folks who didn't use that kind of caution.
Assuming that you're not simply increasing your bandwidth to an upstream bottleneck, as mentioned by others, then you can do what you want.
In 2.2 and later, using the iproute2 interface, you can route traffic through multiple interfaces and connections will go through in a semi-equalized fasion. "ip route add default nexthop via <addr> dev <device>", and repeat for as many interfaces as you have.
This causes new connections to choose one or the other interfaces, a single connection's traffic goes through one or the other but not both. This is in 2.2 without the DiffServ patches; patched 2.2 and stock 2.4 can make both interfaces be used equally instead of on a per connection basis with the equalize keyword on the ip command.
regardless of the signalling the underlying link is using, the box is likely (not always) hooked to your PC via "good" old fashioned 10bit rs232 serial ports.
That's not the point. The point is that unless you've got enough connection to firewall that you can afford fancier stuff anyway, most any PC has plenty of time to do quite a bit of work between packets. Compare the bandwidth and CPU involved in, say, turning 44kHz 16bit sound into pretty pictures like eXtace does, to the task of filtering a couple of T1's worth of internet connection.
SVGATextMode supports 8- and 9-pixel wide fonts, but both use the _same_ font file.
VGA cards use a strange trick to get a character cell of 9 pixels. It's
actually a cell of just 8 characters, but with a 9th, empty (black) pixel
appended to it.
This exploits the fact that (almost) all fonts need character spacing
between them, and thus all "normal" 8-pixel fonts used to have one or more
black rows on the right side and below the characters anyway. Using this
trick, you can fill the 8-pixel font definition a little more (=higher
resolution), using the full 8-pixel resolution available in the 8-pixel
cell, and let the VGA chip add the black space (or at least part of it)
between characters.
There's just one catch: the VGA chip must STILL be programmed as if it were
doing a 8-pixel font,even when using a 9-pixel cell width.
none of the three states i traded cars in required registration until you started driving it around. At least, not that anybody ever told me, I just circulated junkers.
HX caches either 64MB or 128MB depending on configuration (ground a pin I think); all the HX boards I've seen are set up for 512MB. It was the VX/TX and later chipsets that wouldn't cache past 64MB; the TX often had problems even running if it had exactly 64MB.
Sales taxes are due on most aution and yard sale type transactions, it's just that harldy anybody bothers about it.
The people involved don't know to collect it or where to send it how to report it etc, the people charged with making sure the sales taxes are collected have better places to spend their enforcement efforts.
Bring a car title to the wrong secretary of state's office and they might demand to see every bill of sale since the last time it was registered and tell you you're liable for sales tax on every one of those transactions. As a result of having that happen to myself, I haven't sold a car for more than $2 in years.
"rider on" = add this little bit to a bill that will pass anyway.
"session ending omnibus appropriations bill" = "it's time to go home, we have to give these agencies and programs some budget this year, whack whatever numbers came out of your last arguments up into a document and we'll pass it".
and some folks figure this is cheaper than crack, by their habits, and there's a rental market, so go pee in somebody elses' pool, awright? Thad be so nice.
You are perilously near enlightenment. The next step on the path is to create your own language, which when it ceases to suck in your eyes marks your fall from graceful illumination.
I know of an ISP who has already bought $ 3/4 million or so in switch hardware, trying to become a CLEC. They budgeted twice that for lawyers. It's been over a year now and they're still saying "coming soon" whilst letting their ISP business slide.
The Bells know that competition spells doom for them; they are not structured to handle it and are fighting for their very existance. As I told my ISP rep the other day, while discussing their plans to enter the phone business: The [local Bell] would have had ya'll shot already if they thought they could get away with it. Their fight hasn't got really nasty yet, so it might still be an option in the [local Bell]'s playbook.
The 286 protected mode was designed for MicroSloth Xenix. (can't find documentation, ISTR it was common knowledge back when.) MS sold Xenix to SCO before the chip actually hit the market.
How about the "all ChargeCard", which was an add-on MMU for the 286? Still want one of those, even if I have to trade my Hariis clone 286 chip for a real intel.
Is there a city that was designed? There's a few that claim to be, but if the design changes every 20 years or so I for one don't think they can defend the claim.
interesting perhaps, but it'd be like the video game championship way back when: they actually managed to invent something that was more boring to watch on TV than bowling.
The only way to make it worthwhile would undermine the entire purpose: you'd have to have folks standing at the builder's elbows all the time asking "what are you doing now?"
Some folks are perfectly happy living on a 48 hour "day" cycle; 36 up and 12 down. Indeed, I for one can't get really productive when working on heavy stuff until ~8 hours in. Would you have me (self employed) become subject to fines and whatever other enforcement powers OSHA manages to wrangle because I'm a freak?
Slashdot Mirror
The BIND 4 hole(s) is/are going to be a BITCH to exploit, certainly not impossible; but hard enough that it won't be suprising if such never sees wide distribution. Quoth the original advisory:
With all due respect, you are an idiot. Anything energetic enough to be useful for rocketry is DANGEROUS; even match-head rockets cost fingers and such for those who play with these things without proper precautions.
I'd like to think that I could come up with a reasonable rocket fuel given 10 hours in their junkyard, nothing near as safe as the perchlorate based engines they had, but something useable. Even lifelong experts would treat it as potentially more powerful than TNT and less stable than nitroglycerine, because the history of rocketry and of explosives are riddled with the splattered remnants of folks who didn't use that kind of caution.
In 2.2 and later, using the iproute2 interface, you can route traffic through multiple interfaces and connections will go through in a semi-equalized fasion. "ip route add default nexthop via <addr> dev <device>", and repeat for as many interfaces as you have.
This causes new connections to choose one or the other interfaces, a single connection's traffic goes through one or the other but not both. This is in 2.2 without the DiffServ patches; patched 2.2 and stock 2.4 can make both interfaces be used equally instead of on a per connection basis with the equalize keyword on the ip command.
regardless of the signalling the underlying link is using, the box is likely (not always) hooked to your PC via "good" old fashioned 10bit rs232 serial ports.
That's not the point. The point is that unless you've got enough connection to firewall that you can afford fancier stuff anyway, most any PC has plenty of time to do quite a bit of work between packets. Compare the bandwidth and CPU involved in, say, turning 44kHz 16bit sound into pretty pictures like eXtace does, to the task of filtering a couple of T1's worth of internet connection.
You obviosly haven't tried hard enough.
...I cannot beleive we're arguing over screw quality here...
Bring cookies to bake offs. Not pillsbury, of course...
There are several "Richard M. Stallman"s in the world. There is and can be only one RMS.
Good point, but then when you need the gloves they'll be somewhere else... would that be a library not found error?
Balls Played 1528
Avg. Ball Time 49.28 seconds
That's just such a rich vein of potential humor I don't know where to start.
2.3.0 == 2.2.8
SVGATextMode supports 8- and 9-pixel wide fonts, but both use the _same_ font file.
VGA cards use a strange trick to get a character cell of 9 pixels. It's
actually a cell of just 8 characters, but with a 9th, empty (black) pixel
appended to it.
This exploits the fact that (almost) all fonts need character spacing
between them, and thus all "normal" 8-pixel fonts used to have one or more
black rows on the right side and below the characters anyway. Using this
trick, you can fill the 8-pixel font definition a little more (=higher
resolution), using the full 8-pixel resolution available in the 8-pixel
cell, and let the VGA chip add the black space (or at least part of it)
between characters.
There's just one catch: the VGA chip must STILL be programmed as if it were ,even when using a 9-pixel cell width.
doing a 8-pixel font
none of the three states i traded cars in required registration until you started driving it around. At least, not that anybody ever told me, I just circulated junkers.
HX caches either 64MB or 128MB depending on configuration (ground a pin I think); all the HX boards I've seen are set up for 512MB. It was the VX/TX and later chipsets that wouldn't cache past 64MB; the TX often had problems even running if it had exactly 64MB.
The people involved don't know to collect it or where to send it how to report it etc, the people charged with making sure the sales taxes are collected have better places to spend their enforcement efforts.
Bring a car title to the wrong secretary of state's office and they might demand to see every bill of sale since the last time it was registered and tell you you're liable for sales tax on every one of those transactions. As a result of having that happen to myself, I haven't sold a car for more than $2 in years.
"session ending omnibus appropriations bill" = "it's time to go home, we have to give these agencies and programs some budget this year, whack whatever numbers came out of your last arguments up into a document and we'll pass it".
and some folks figure this is cheaper than crack, by their habits, and there's a rental market, so go pee in somebody elses' pool, awright? Thad be so nice.
You are perilously near enlightenment. The next step on the path is to create your own language, which when it ceases to suck in your eyes marks your fall from graceful illumination.
The Bells know that competition spells doom for them; they are not structured to handle it and are fighting for their very existance. As I told my ISP rep the other day, while discussing their plans to enter the phone business: The [local Bell] would have had ya'll shot already if they thought they could get away with it. Their fight hasn't got really nasty yet, so it might still be an option in the [local Bell]'s playbook.
One word: Redundancy.
How about the "all ChargeCard", which was an add-on MMU for the 286? Still want one of those, even if I have to trade my Hariis clone 286 chip for a real intel.
Is there a city that was designed? There's a few that claim to be, but if the design changes every 20 years or so I for one don't think they can defend the claim.
The only way to make it worthwhile would undermine the entire purpose: you'd have to have folks standing at the builder's elbows all the time asking "what are you doing now?"
...of course you would, it's for my own good...
...
"Now hiring experienced
...no wonder.