False. Orion has not been cancelled. The most recent NASA authorization act passed last year authorizes over $3.6 billion in funding to develop the vehicle over the next 3 years. The Ares I/V launch vehicles are what was cancelled.
You just cannot reliably determine anyone's identity online.
There are some functions of government that can already be accessed online, like paying taxes. But that's not a problem since no one besides the taxpayer would want to voluntarily contribute money, so there is little incentive for someone to falsify their identity for that. There is huge incentive for people to participate in a free process (voting) that determines the policy course of states and nations.
Apple, Netgear, Dlink, etc are offering support for it.
This is why no one wants to switch yet. If the users can't access your sites businesses are not going to judge it very cost effective to make them available on v6.
And you keep ignoring the fact that the v4 address probably won't work for a good majority of their clients so it doesn't really help, it would be sort of like having a flapping server.
well, not exactly. You do not know the file path is/var/www/htdocs/, so you would need to read the web server config to get that before you could reliably retrieve the file.
If you can observe a planet with a few different methods, you can reliably calculate it's mass and radius from the size it appears, it's orbital period and inclination, the effect it exerts on the star, and other data points.
Once you have the mass and radius, you can calculate the density, which allows you to speculate on whether it is rocky or gaseous. This in turn opens up other informed analyses of the conditions that might be present given it's distance to the star and other factors.
It's atmospheric composition can also be determined with spectroscopy.
If you really think astronomers are just guessing, you couldn't be more wrong. It's true that there is a lot that we don't know about these planets, but what we do is built on a solid mathematical foundation.
Perhaps I should rephrase, yes all are routable, but since the way the protocol is going to work will see every end user getting at least a/64, doesn't that effectively cut the allocatable address space in half?
I just don't understand why you think not having a firewall will protect you from DDOS.
Most DDOS attacks are aimed at port 80 anyway since they know traffic on that has to be allowed through and often cannot be easily distinguished from legit traffic.
Well I still think a firewall is good to have as part of a layered defense strategy.
It's good to only start services you need, but accidents happen. Let's say an erroneous service is accidentally started that opens a port in an insecure way. WIth a firewall policy only allowing traffic on the ports you expect, this would not be a problem, but without one it could open up a new attack vector.
Also, while they won't really help that much against DDOS, firewalls can reject other kinds of invalid traffic that can disrupt the web server (such as syn floods).
Well, assuming no firewalls anywhere, that is not correct.
A firewalled response drops the packet, (i.e. stealth). A port closed response returns a rejection to the requester. That at least tells them a server is running at this location.
In terms of open ports, yes the behavior is the same, but not the behavior on all ports.
For example, if a script is just scanning for a netbios vulnerability on port 139 or something, it would not detect a server at your IP with a firewall in place, where it would if it gets back a port closed response.
v6 has been the preferred solution in the RFCs for 10+ years. That hasn't resulted in it's adoption, because NAT and other bandaid solutions came along.
And future use addresses do not reduce the problem for end users, they make them more complex because the behavior is unpredictable and poorly documented, they are much more likely to know whether their equipment and network support IPv6 than what the internal firmware or operating system software in their network devices looks like wrt future use addresses.
Slashdot Mirror
are belong to me. The people love me. I am not a leader, I have no position. I cannot step down.
But you have voluntarily given all your base to me. I am divine protector of your base.
I will never leave. Your base is safe with me.
Some young people have taken drugs which caused them to make poor decisions about their base.
The correct decision is to give all your base to me. I will never leave you. The people's councils honor me with their base.
I am forever.
False. Orion has not been cancelled. The most recent NASA authorization act passed last year authorizes over $3.6 billion in funding to develop the vehicle over the next 3 years. The Ares I/V launch vehicles are what was cancelled.
http://thomas.loc.gov/cgi-bin/query/F?c111:3:./temp/~c111kXpLQV:e14982:
Seriously, this is just a horrible idea.
You just cannot reliably determine anyone's identity online.
There are some functions of government that can already be accessed online, like paying taxes. But that's not a problem since no one besides the taxpayer would want to voluntarily contribute money, so there is little incentive for someone to falsify their identity for that. There is huge incentive for people to participate in a free process (voting) that determines the policy course of states and nations.
Correct, I could have worded it better. Still the point stands. Businesses are reluctant to invest the capital necessary to bring v6 online.
They do at least on the WAN side.
Apple, Netgear, Dlink, etc are offering support for it.
This is why no one wants to switch yet. If the users can't access your sites businesses are not going to judge it very cost effective to make them available on v6.
ATK has what was Thiokol and Hercules so who else in the US has Very Large Solid Rocket Manufacturing capabilities? Nobody
Aerojet also produces large solid rocket motors for use on missles.
Also, the proposed second stage would have to be completely redesigned to allow air start (it is a ground stage).
Basically, a lot of work for not much benefit (other than to keep ATK's 5-segment booster development going).
What is the purpose of re-using them?
To keep the ATK money train rolling.
They basically argued that for something to be "free as in speech", it has to NOT be "free, as in beer".
There are plenty of other people who feel this way, like the **AAs, the BSA, the AAP etc.
It's time for big business to realize that capitalism does not require anyone to give you money for your offerings.
And you keep ignoring the fact that the v4 address probably won't work for a good majority of their clients so it doesn't really help, it would be sort of like having a flapping server.
well, not exactly. You do not know the file path is /var/www/htdocs/, so you would need to read the web server config to get that before you could reliably retrieve the file.
It's not that hard to understand.
If you can observe a planet with a few different methods, you can reliably calculate it's mass and radius from the size it appears, it's orbital period and inclination, the effect it exerts on the star, and other data points.
Once you have the mass and radius, you can calculate the density, which allows you to speculate on whether it is rocky or gaseous. This in turn opens up other informed analyses of the conditions that might be present given it's distance to the star and other factors.
It's atmospheric composition can also be determined with spectroscopy.
If you really think astronomers are just guessing, you couldn't be more wrong. It's true that there is a lot that we don't know about these planets, but what we do is built on a solid mathematical foundation.
character encoding fail
Perhaps I should rephrase, yes all are routable, but since the way the protocol is going to work will see every end user getting at least a /64, doesn't that effectively cut the allocatable address space in half?
oh yeah, well my website degrades gracefully to Netscape Navigator 2.0. Beat that!
I just don't understand why you think not having a firewall will protect you from DDOS.
Most DDOS attacks are aimed at port 80 anyway since they know traffic on that has to be allowed through and often cannot be easily distinguished from legit traffic.
Everyone gets 18quintillion addresses.... sounds like a plan to run the world out of IP's and start designing IPv7 ASAP!
Not really, with 18 quintillion allocations of that size, assuming 7 billion people, everyone can have 2.5 billion addresses.
That should last for a while.
Ah I see, so really only 2^64 unique addresses are routable within that framework.
You're right, my bad. I was thinking of something else. /48s were for site assignments from ARIN.
https://www.arin.net/resources/request/ipv6_initial_assign.html
Still a /64 seems absurdly large for one end user.
Each user has been delegated a /64 block of approximately 18,446,744,073,709,551,616 (18 quintillion) unique IPv6 addresses.
That seems a little silly. I thought end users were going to be assigned /48s with IPv6?
Well I'll just have to disagree.
There should at least be a firewall on each host that has public facing ports for any admin services (ssh etc).
That allows you to easily configure flexible rules to disallow people that send invalid traffic to those ports.
Well I still think a firewall is good to have as part of a layered defense strategy.
It's good to only start services you need, but accidents happen. Let's say an erroneous service is accidentally started that opens a port in an insecure way. WIth a firewall policy only allowing traffic on the ports you expect, this would not be a problem, but without one it could open up a new attack vector.
Also, while they won't really help that much against DDOS, firewalls can reject other kinds of invalid traffic that can disrupt the web server (such as syn floods).
Well, assuming no firewalls anywhere, that is not correct.
A firewalled response drops the packet, (i.e. stealth). A port closed response returns a rejection to the requester. That at least tells them a server is running at this location.
In terms of open ports, yes the behavior is the same, but not the behavior on all ports.
For example, if a script is just scanning for a netbios vulnerability on port 139 or something, it would not detect a server at your IP with a firewall in place, where it would if it gets back a port closed response.
v6 has been the preferred solution in the RFCs for 10+ years. That hasn't resulted in it's adoption, because NAT and other bandaid solutions came along.
And future use addresses do not reduce the problem for end users, they make them more complex because the behavior is unpredictable and poorly documented, they are much more likely to know whether their equipment and network support IPv6 than what the internal firmware or operating system software in their network devices looks like wrt future use addresses.