Any windows user with even a hint of clue would unbind Netbios from their internet facing card.
If you have to use that same card for printer/file sharing then you unbind netbios from tcp/ip and use a non-routable protocol to piggyback netbios (i.e. Netbeui).
Not true at all, proper tools can ignore these 'stealth' techniques. Timeouts for example.
What about net or port unreachables? You block all those then you end up making the users wait extra before their _insert client here_ built-in timeout occurs. Same with host unknowns. It also creates a pain to the netops whom need to run diagnostics.
There are some ICMPs which have little or no place in most networks and are OK to block for the most part.
And lets not even get into PMTU issues. (do not frag/frag needed), especially with microsofts brain-dead implementation of PMTU in short order.
And blocking destination-unreachable, source-quench, time-exceeded, parameter-problem, can realy make a networks response times to these conditions suck ass.
Again pushing security through obscurity is a BAD idea, whether used alone or in conjunction with other security measures. If a windows users thinks his machine is invincible (i am not saying _you_ do) than they will be less likely to further secure his or her machine. Good habits form good conditions. Blocking all icmps is BAD practice.
There are hundred of papers on this and none but the most pedestrian sites (i.e. marketers to the windows user) advocate blocking ALL ICMPs.
You fell for pure marketing and ignore real-world network operations.
If they are scanning a subnet for fun, they aren't a real security concern, the people whom you SHOULD worry about do not need a ping reply, as they know there are other ways to see if a host is alove or not, in which case blocking pings does nothing.
Security by obscurity is a bad practice to pass on.
It's not a matter if there's anything good on it, fact is, your box can be used as a platform to do other attacks on other hosts, all without you knowing about it.
When the guys in dark sunglasses and earpeices break down your door because your computer was involved in a break-in to a government computer, you'll wish you had that firewall, gunky or not.
> I just hate the argument from "duh, this is > happening, get used to it."
This is a common response, and I hate it, the response comes from a feeling of helplessness, a feeling the government(s) has/have worked hard to instill into its citizens. It is their way of saying they give up. Remove all opposition by any means nessacary.
Fact is, the only way this will end, is critical mass must occur, a revolution, problem with this, is that in the USA(and other major powers), the big government is the big military and vice versa, what chance would revolutionists stand today against such odds?
They know knowledge is power, even more powerful than money, while they have us scrambling over economics, and war, they are encroaching on our intellectual currency using war and economics as an excuse. (I.E. Using 9/11 as an excuse to create the patriot act). If you think this is just tin-foil hat thinking, then you have just experienced, first hand, the results of your training by them.
Fact is, it won't get better, it never will, ever, you can either get used to it and join in, or you can be trampled and pushed into obscurity labled as a treasonist terrorist conspirator.
It's a self-feeding monster, and has grown to proportions which no one entity can curtail, and we as humans are too preoccupied with our own little world of problems, (which by no coincedence our governments help perpetuate) to even care to see it, much less actually _do_ anything about it.
They got wool over our eyes folks, and there's nothing we can do about it, voting won't help, you think those aren't fixed? Can't fight them, they've used our own tax dollars to fund non-fatal 'anti-riot' gear and tactics, with the same tax dollars they have declaired war on its citizens more than once i.e. the "War on Drugs" (a pretty term for prohibition which has been proven NEVER works), an aberration of the law and a violation of human rights and sensibilities, and most recent, the "War on Terrorism" a quiant way of saying "War on Privacy".
Humans are self-destructive by nature, sadly, nothing good will come of the human race. And the earth, if it has a mind, when the time comes, be it from a comet, iceage or our own hands, will be well rid of us.
Is this invasion of privacy really a surprise? Is it even _new_? Or is it that you've been preoccupied with your mundane lives that it's escaped your eyes? Could it be some of you are finally waking up? Too late, you're all too late.
This hits the nail on the head. The problem as I see it, will not resolve itself either without a revolution (blood shed), and being that humans are self-destructive by nature...well, you figure out the rest....
Agreed, also anyone (worth a squat) would just use imaged drives anyways, they figure it's cheaper/quicker/whatever to reimage than it is to waste time locking it down.
> Sorry, can't do that. If you are indeed an/their admin you should easily be able to configure the server to open the submission(or any other) port to test your smtp servers that way. Is that not what ssh is for? ssh in, telnet localhost 25, test away.
> and I'd rather not interfere with it. The amount of users who bind their p2p onto port 25 I can count on one hand, any p2p software worth its merit won't bind to anything below 1024 unless told to anyways.
This attitude is one of biggest reasons why there are so many infected machines, people won't comply because it breaks their 'Kaaza' and crap, yet they complain when there is no security.
Well I don't think you should be modded down, you make a valid point, let's just nail down your definition of quality.
The quality I _think_ you refer to is that of the user learning curve, availablilty of apps, i.e. NOT security or stability am I correct?
Generally it can be said that a good portion of the/. geek crowd considers linux the better quality product of the two(me included), yet your average clueless CEO would think linux was 'crap' cuz it doesnt have a Add/Remove Programs icon.
It seems though, the majority fits into the latter crowd, which holds the MS market share stable.
Keep in mind also, Bill has billions to concentrate on any given project, and MS has been around alot longer than Linux, those combined will make the road harder for linux to traverse, if it is meant to be, and MS remains inflexable and unwilling to accept its role in the internet community as a team player, linux can overcome those odds in time.
You are arguing in an illogical manner. But I am bored, so I will play. Yes it is different, one is watching, the other is doing, are you having problems seperating the two? Most of us don't. If you do, there might be some other issues you should look into.
When you tell a child not to do something, what happens?, any parent will tell you, that the child wants it more, this is not limited to childhood, as an adult it is all around us, look at the "War on drugs", while it's intentions may have been good, the results have been anything but, by criminlizing it, you open the way for blackmarkets, which drives up the prices, which supplies the cartels more money (the laws against drugs are the REAL reason terrorists get funding via drugs, if it was regulated by the government, the drug dealers wouldn't be able to sell it (we could just grow/make our own or buy it at the local store) and then the cartels wouldn't get any cash, and the terrorists will not get any funding from this vector), same with alcohol prohibition, but I digress, it never worked, and never will, when they censor TV, the people migrate to cable and sattelite, looks at the mp3 situation, the harder the RIAA/MPAA try and stop the rips, more entities arise to force a new move, kind of a whack-a-mole. When you censor a word, you give it value, and meaning, it is this very censorshiop that is actually making things far worse, (have you ever said some common word over and over and over again and notice it looses meaning? This is the same effect), do you think that the FCC making the word 'fuck' less said on TV keeps children from learning it? Of course not, they usually learn it from their parents, or their pers (who learn it from _their_ parents) this whole thing of playing puritan to the masses is an effort to shy away from the fact that it is the PARENTS fault, not TVs, not the radio, not the movies, and the government is enabling these 'parent types'.
And before you post it, no, things like murder and rape, etc do not/should not fll under these same standards, that is where common sense comes in.
Also who is to decide what is or is not right to show? Me? You? Him over there? Wrong, the 'who' whould be you, and if you have kids, their 'who' should be you too. The trend today is putting blame on externals to cover up inadequacies in their parenting.
This is what you defend? So very sad indeed.
I see you are just trolling for some debate about U.S policy, well you certainly won't get me to defend Bush and his administration, so troll elsewhere, and to answer your question, the U.S. Press and the British press are the culprits, but that's hardly a revelation, when you are ready to argue the topic at hand, I'll entertain your future questions. The topic says it all, if you don't like it, don't watch it. Don't try and tell others what they should or should not watch.
You can use mod_rewrite to direct that ip to a custom page explaining that they are denied and why, until they email you (give address). Then you can remove the rewrite if you find the user is innocent. Something like this: RewriteEngine on RewriteCond %{REMOTE_ADDR} 111\.111\.111\.111$ RewriteCond %{REQUEST_URI} !^/goaway\.html$ [NC] RewriteRule ^(.*)/goaway.html [R] You must create goaway.html with your message obviously. As for the explaination, could be a badly written script, or someone just doesn't like you, or someone is having seizures everytime they goto your site.
Slashdot Mirror
Any windows user with even a hint of clue would unbind Netbios from their internet facing card.
If you have to use that same card for printer/file sharing then you unbind netbios from tcp/ip and use a non-routable protocol to piggyback netbios (i.e. Netbeui).
Not true at all, proper tools can ignore these 'stealth' techniques. Timeouts for example.
What about net or port unreachables? You block all those then you end up making the users wait extra before their _insert client here_ built-in timeout occurs. Same with host unknowns. It also creates a pain to the netops whom need to run diagnostics.
There are some ICMPs which have little or no place in most networks and are OK to block for the most part.
And lets not even get into PMTU issues. (do not frag/frag needed), especially with microsofts brain-dead implementation of PMTU in short order.
And blocking destination-unreachable, source-quench, time-exceeded, parameter-problem, can realy make a networks response times to these conditions suck ass.
Again pushing security through obscurity is a BAD idea, whether used alone or in conjunction with other security measures. If a windows users thinks his machine is invincible (i am not saying _you_ do) than they will be less likely to further secure his or her machine. Good habits form good conditions. Blocking all icmps is BAD practice.
There are hundred of papers on this and none but the most pedestrian sites (i.e. marketers to the windows user) advocate blocking ALL ICMPs.
You fell for pure marketing and ignore real-world network operations.
If they are scanning a subnet for fun, they aren't a real security concern, the people whom you SHOULD worry about do not need a ping reply, as they know there are other ways to see if a host is alove or not, in which case blocking pings does nothing.
Security by obscurity is a bad practice to pass on.
It's not a matter if there's anything good on it, fact is, your box can be used as a platform to do other attacks on other hosts, all without you knowing about it.
When the guys in dark sunglasses and earpeices break down your door because your computer was involved in a break-in to a government computer, you'll wish you had that firewall, gunky or not.
> I just hate the argument from "duh, this is
> happening, get used to it."
This is a common response, and I hate it, the response comes from a feeling of helplessness, a feeling the government(s) has/have worked hard to instill into its citizens. It is their way of saying they give up. Remove all opposition by any means nessacary.
Fact is, the only way this will end, is critical mass must occur, a revolution, problem with this, is that in the USA(and other major powers), the big government is the big military and vice versa, what chance would revolutionists stand today against such odds?
They know knowledge is power, even more powerful than money, while they have us scrambling over economics, and war, they are encroaching on our intellectual currency using war and economics as an excuse. (I.E. Using 9/11 as an excuse to create the patriot act). If you think this is just tin-foil hat thinking, then you have just experienced, first hand, the results of your training by them.
Fact is, it won't get better, it never will, ever, you can either get used to it and join in, or you can be trampled and pushed into obscurity labled as a treasonist terrorist conspirator.
It's a self-feeding monster, and has grown to proportions which no one entity can curtail, and we as humans are too preoccupied with our own little world of problems, (which by no coincedence our governments help perpetuate) to even care to see it, much less actually _do_ anything about it.
They got wool over our eyes folks, and there's nothing we can do about it, voting won't help, you think those aren't fixed? Can't fight them, they've used our own tax dollars to fund non-fatal 'anti-riot' gear and tactics, with the same tax dollars they have declaired war on its citizens more than once i.e. the "War on Drugs" (a pretty term for prohibition which has been proven NEVER works), an aberration of the law and a violation of human rights and sensibilities, and most recent, the "War on Terrorism" a quiant way of saying "War on Privacy".
Humans are self-destructive by nature, sadly, nothing good will come of the human race. And the earth, if it has a mind, when the time comes, be it from a comet, iceage or our own hands, will be well rid of us.
Is this invasion of privacy really a surprise? Is it even _new_? Or is it that you've been preoccupied with your mundane lives that it's escaped your eyes? Could it be some of you are finally waking up? Too late, you're all too late.
> limited networking, and will be hobbled ..It's exactly the same?
This hits the nail on the head. The problem as I see it, will not resolve itself either without a revolution (blood shed), and being that humans are self-destructive by nature...well, you figure out the rest....
Check this article out, it addresses OS/2 apparently it can.
http://www.os2ezine.com/v5n1/vmware3.html
Modded 'Interesting'? This is flamebait at best.
Oh great, first I have to learn Indian to get tech support, now I'm going to have to learn to decypher clicks and whistles. ;)
..rudolph, blitzen and prancer...sneezy dopey and bashful...oh... sorry..
Those e-machines are pretty nifty for a hobby-level cluster, they work nicely in my cluster. Had no problems recognizing all the hw too.
Agreed, also anyone (worth a squat) would just use imaged drives anyways, they figure it's cheaper/quicker/whatever to reimage than it is to waste time locking it down.
Yea, alot easier than dumpster diving for code ;)
> Sorry, can't do that.
If you are indeed an/their admin you should easily be able to configure the server to open the submission(or any other) port to test your smtp servers that way. Is that not what ssh is for? ssh in, telnet localhost 25, test away.
> and I'd rather not interfere with it.
The amount of users who bind their p2p onto port 25 I can count on one hand, any p2p software worth its merit won't bind to anything below 1024 unless told to anyways.
This attitude is one of biggest reasons why there are so many infected machines, people won't comply because it breaks their 'Kaaza' and crap, yet they complain when there is no security.
> there is a advantage in windows firewalls that i cant see in iptables
Besides your glaring ommision of stateful vs. nonstateful...
http://l7-filter.sourceforge.net/
There goes your "advantage".
Well I don't think you should be modded down, you make a valid point, let's just nail down your definition of quality.
/. geek crowd considers linux the better quality product of the two(me included), yet your average clueless CEO would think linux was 'crap' cuz it doesnt have a Add/Remove Programs icon.
The quality I _think_ you refer to is that of the user learning curve, availablilty of apps, i.e. NOT security or stability am I correct?
Generally it can be said that a good portion of the
It seems though, the majority fits into the latter crowd, which holds the MS market share stable.
Keep in mind also, Bill has billions to concentrate on any given project, and MS has been around alot longer than Linux, those combined will make the road harder for linux to traverse, if it is meant to be, and MS remains inflexable and unwilling to accept its role in the internet community as a team player, linux can overcome those odds in time.
Time will tell.
I use Izzy Foreel for those first name last name deals.
I use privacy@privacy.net
Nice of them to provide that little service.
> Isn't there a potential for malicious misuse of someone's email ID in this way?
Yup, it is called a joe-job...
http://catb.org/~esr/jargon/html/J/joe-job.html
Happy to help. Also those can go into your httpd.conf within a block as well.
Oooo, I guess you told me! What's next, you gonna slap yourself and tell your mommy I did it?
You are arguing in an illogical manner. But I am bored, so I will play. Yes it is different, one is watching, the other is doing, are you having problems seperating the two? Most of us don't. If you do, there might be some other issues you should look into. When you tell a child not to do something, what happens?, any parent will tell you, that the child wants it more, this is not limited to childhood, as an adult it is all around us, look at the "War on drugs", while it's intentions may have been good, the results have been anything but, by criminlizing it, you open the way for blackmarkets, which drives up the prices, which supplies the cartels more money (the laws against drugs are the REAL reason terrorists get funding via drugs, if it was regulated by the government, the drug dealers wouldn't be able to sell it (we could just grow/make our own or buy it at the local store) and then the cartels wouldn't get any cash, and the terrorists will not get any funding from this vector), same with alcohol prohibition, but I digress, it never worked, and never will, when they censor TV, the people migrate to cable and sattelite, looks at the mp3 situation, the harder the RIAA/MPAA try and stop the rips, more entities arise to force a new move, kind of a whack-a-mole. When you censor a word, you give it value, and meaning, it is this very censorshiop that is actually making things far worse, (have you ever said some common word over and over and over again and notice it looses meaning? This is the same effect), do you think that the FCC making the word 'fuck' less said on TV keeps children from learning it? Of course not, they usually learn it from their parents, or their pers (who learn it from _their_ parents) this whole thing of playing puritan to the masses is an effort to shy away from the fact that it is the PARENTS fault, not TVs, not the radio, not the movies, and the government is enabling these 'parent types'. And before you post it, no, things like murder and rape, etc do not/should not fll under these same standards, that is where common sense comes in. Also who is to decide what is or is not right to show? Me? You? Him over there? Wrong, the 'who' whould be you, and if you have kids, their 'who' should be you too. The trend today is putting blame on externals to cover up inadequacies in their parenting. This is what you defend? So very sad indeed.
I see you are just trolling for some debate about U.S policy, well you certainly won't get me to defend Bush and his administration, so troll elsewhere, and to answer your question, the U.S. Press and the British press are the culprits, but that's hardly a revelation, when you are ready to argue the topic at hand, I'll entertain your future questions. The topic says it all, if you don't like it, don't watch it. Don't try and tell others what they should or should not watch.
You can use mod_rewrite to direct that ip to a custom page explaining that they are denied and why, until they email you (give address). Then you can remove the rewrite if you find the user is innocent. Something like this: /goaway.html [R]
RewriteEngine on
RewriteCond %{REMOTE_ADDR} 111\.111\.111\.111$
RewriteCond %{REQUEST_URI} !^/goaway\.html$ [NC]
RewriteRule ^(.*)
You must create goaway.html with your message obviously.
As for the explaination, could be a badly written script, or someone just doesn't like you, or someone is having seizures everytime they goto your site.