Could someone please explain the origin of the monster?
I didn't see it when I watched the movie, but apparently there is a "meteor" that falls into the ocean when the two people are sitting on the Ferris Wheel at the end of the movie (which takes place a month before the monster attacks).
I believe Nevada was offered a fiduciary incentive, which they turned down stating they plain didn't want the material in their state. The government then turned around and said they really didn't have a choice in the matter anyways. Although really, choosing a mountain that sits on a fault line near one of the fastest-growing cities in America (Las Vegas) and next to the largest generator of electricity for the South-West (Hoover Dam)...not a good move.
And in fact, he did in Episode 14, in the first season -- Control.
http://en.wikipedia.org/wiki/Control_(House_episod e)
Under clinic patients:
Ricky Van Der Meer: A young boy who comes to the clinic for a cough. House is intrigued by his father, who was struck mute after knee surgery. When Mr. Van Der Meer returns to find out his son is okay, House injects him with a mysterious serum. On Mr. Van Der Meer's third visit, House reveals the drug he injected was Botox to treat a rare condition caused by intubating surgery patients. Van Der Meer refuses to acknowledge House's treatment worked, because he is afraid he will have to give back the malpractice settlement he won for the injury, but House gets him to admit that the treatment was successful by blinking twice.
---
Scott Adams mentioned botox in his blog, which reminded me of the episode. :-)
I haven't looked at her entry, but I could see this as a good program. I have a fairly large wardrobe, with tons of accessories (ties, suit jackets, black or brown shoes, etc etc) and it'd be nice to have something to automatically pick out an outfit for the day that doesn't look like it was picked out by my pet dog or the Magic 8 ball. Couple that with it knowing how much longer I can delay the inevitable laundry day. I can't say that I'd pay for the app, but were it available, I'd probably use it.
I'm glad that you mentioned flow-based monitoring. I'm not involved with the project at all, but using http://www.ntop.org/">NTop to monitor NetFlow/SFlow and MRTG/Cricket to monitor traffic crossing switches is a good way to detect illicit file sharing.
It looks like good things are coming from the Prelude project as well, though I haven't used it so if anyone has anything to say about it, I'd love to hear it.
Set up a bridge without an IP address and install Snort on it. On FreeBSD or OpenBSD, this procedure is a snap. Your mileage may vary, query Google for assistance.
Snort identifies traffic by signatures, so instead of you eyeballing suspicious patterns, it can tell you if certain phrases are used, certain protocols, or what-have-you. Writing your own signatures are a piece of cake and the process is well-documented.
The bridge sits at the mouth of your network (behind your firewall) and can be used to identify what is getting past the firewall.
For the crafty -- use Snort2pf to automatically block inappropriate traffic. I used this to discourage eDonkey usage on school system's computer network and it worked like a dream.
If you're feeling adventurous, you can get a Soekris box, install OpenBSD/FreeBSD and have a completely customizable wireless access point. With PF and ALTQ, you can do bandwidth throttling, can disable certain types of traffic with Snort+PF, or anything else that you feel appropriate. This site www.netgate.com has everything you need, hardware-wise. Google can help you find instructions on getting the OS installed.
I like the Axis cameras. Write a quick script to grab the images and display them in your custom webpage, it's a 10-minute job. Plus, I think the cameras actually run Linux, which I know is a big selling point in some crowds.
IANAL (yet) but informal agreements like these can be seen as anti-competitive, and as such, illegal under anti-trust laws. Then again, all of these companies already have high-paid lawyers who haven't throw up red flags about this, so I could be wrong.
Well, granted I did have to set up the config file, but it wasn't too terribly difficult:
[global]
workgroup = WORKGROUP
server string = Description of Server
security = share
( Rpbailey Notes: This might be where you were led astray. You probably had samba set to use passwords instead of share security. )
[Multimedia]
path =/usr/multimedia
writable = yes
comment = Multimedia
browseable = yes
public = yes
---
Just make sure that the directory in question is writable by your samba user (assuming you have a user that samba runs as) or is otherwise writable. The most "playing around" you have to do is with permissions on that one folder.
The laptops are going to be the biggest hassle, as people tend to take them home and who knows what crap they do there.
Set up a NATD gateway with DansGuardian, ClamAV, Squid, and whatever other proxies for your systems to direct their traffic out. The NAT will protect them from worms and viruses randomly scanning for IP addresses and the other programs will filter for viruses if they check Hotmail, POP, or whatever else they might use. You can set up SMB-scanning with ClamAV to randomly check the computers on your network for viruses. If you have the option, I'd recommend Deep Freeze for your Windows XP computers. If more information is desired about anything I've said, please leave a message and I'll dig up information on how to configure said programs.
The article doesn't say whether the program will be released under the BSD license (unlikely) or whether it will remain under the CDDL. The latter seems most likely.
I think it works fairly well. I run Windows 2000 inside it on a 1.4 Ghz Pentium M chip with 256 M RAM and while it does lag in places, it is more or less functional for me to use IE for my workplace's tracking system. There was an article a few weeks ago about making Windows 2000 work in low-powered machines, coupled with the QEMU Accelerated, things kicked along just fine. I wish I had some definite numbers I could give you. Pound for pound, it seems about as fast as VMWare on FreeBSD and was far less of a headache to set up.
Just a suggestion, if you have some harddrive space, download Qemu and install some *BSD in it. Play with that when you get a moment or two, check the documentation with your BSD of choice (FreeBSD has a very nice handbook) and then, when you feel the time to switch is at hand, you won't have to "play" on your real box, because you'll already know what to do.
Or something like that. Good luck!
You probably already know this, but on FreeBSD, in/usr/ports/emulation/qemu, if you type:
make WITH_KQEMU=true install clean, it'll make the kqemu system work on FreeBSD. Unfortunately, we're still stuck on Qemu 7.0, but that'll probably change as soon as the ports freeze is over.
I think it still prompts you to install the patches, even if you automatically download them. Some people just can't be bothered. I haven't touched a Windows machine since Windows 98, so someone please correct me if I am mistaken. (Nanogator would have a brilliant and biting comment here)
Sorry to respond to my own post, don't take that as an endorsement that people should blindly accept patches or anything from Microsoft, it was just one thing MS could/would conceivably do to get users to patch their systems.
Releasing patches that quickly would probably make the releases smaller, which means people would be less likely to cancel the download in disgust when they see it would take 2+ hours to complete. Having said that, given the users I've encountered, MS would need something like "Automatically Apply Patches without Prompting Me" as one of the initial options or users would just "X" out of the warning pop-up, as they do nowadays.
I was unable to find stats for OpenBSD, but I last recall it was in the 2000 range.
Anywho, my point being, it contains about 1/2 of the packages that Gentoo has (and, let's be honest, a lot of the stuff in Gentoo is fluffy crap) and runs on platforms that it is dead-impossible to find decent apps for, like AIX.
PkgSrc alone is worth a small donation. With it, you can compile the same apps for many different operating systems, including Solaris, *BSD, Linux, and Irix. While not as extensive as some of the Port systems, the fact that it is so standardized across the board is a decent exchange.
You're probably thinking about Dmitry Sklyarov, a Russian programmer who circumvented Adobe's eBook encryption scheme. He was arrested, from what I understand, not for cracking the code but for giving a talk about it in Las Vegas. I didn't really follow the case, but Slashdot had a bit about him a while ago:
http://slashdot.org/article.pl?sid=01/07/17/130226
Story about the firewall not blocking Windows shares. I think Slashdot carried this story a long time ago as well. Do not get me wrong, the firewall and steps in SP2 are a nice step, but they simply are not enough at this point. Unless the user is actively involved, no default Windows setup will be enough.
Slashdot Mirror
I didn't see it when I watched the movie, but apparently there is a "meteor" that falls into the ocean when the two people are sitting on the Ferris Wheel at the end of the movie (which takes place a month before the monster attacks).
I believe Nevada was offered a fiduciary incentive, which they turned down stating they plain didn't want the material in their state. The government then turned around and said they really didn't have a choice in the matter anyways. Although really, choosing a mountain that sits on a fault line near one of the fastest-growing cities in America (Las Vegas) and next to the largest generator of electricity for the South-West (Hoover Dam)...not a good move.
Their CVS implementation is BSD-licensed and has been/will continue to be fully audited for security purposes.
And in fact, he did in Episode 14, in the first season -- Control. http://en.wikipedia.org/wiki/Control_(House_episod e)
:-)
Under clinic patients:
Ricky Van Der Meer: A young boy who comes to the clinic for a cough. House is intrigued by his father, who was struck mute after knee surgery. When Mr. Van Der Meer returns to find out his son is okay, House injects him with a mysterious serum. On Mr. Van Der Meer's third visit, House reveals the drug he injected was Botox to treat a rare condition caused by intubating surgery patients. Van Der Meer refuses to acknowledge House's treatment worked, because he is afraid he will have to give back the malpractice settlement he won for the injury, but House gets him to admit that the treatment was successful by blinking twice.
---
Scott Adams mentioned botox in his blog, which reminded me of the episode.
I haven't looked at her entry, but I could see this as a good program. I have a fairly large wardrobe, with tons of accessories (ties, suit jackets, black or brown shoes, etc etc) and it'd be nice to have something to automatically pick out an outfit for the day that doesn't look like it was picked out by my pet dog or the Magic 8 ball. Couple that with it knowing how much longer I can delay the inevitable laundry day.
I can't say that I'd pay for the app, but were it available, I'd probably use it.
And this is why one should preview their comments.
I'm glad that you mentioned flow-based monitoring. I'm not involved with the project at all, but using http://www.ntop.org/">NTop to monitor NetFlow/SFlow and MRTG/Cricket to monitor traffic crossing switches is a good way to detect illicit file sharing.
It looks like good things are coming from the Prelude project as well, though I haven't used it so if anyone has anything to say about it, I'd love to hear it.
Set up a bridge without an IP address and install Snort on it. On FreeBSD or OpenBSD, this procedure is a snap. Your mileage may vary, query Google for assistance.
Snort identifies traffic by signatures, so instead of you eyeballing suspicious patterns, it can tell you if certain phrases are used, certain protocols, or what-have-you. Writing your own signatures are a piece of cake and the process is well-documented.
The bridge sits at the mouth of your network (behind your firewall) and can be used to identify what is getting past the firewall.
For the crafty -- use Snort2pf to automatically block inappropriate traffic. I used this to discourage eDonkey usage on school system's computer network and it worked like a dream.
If you're feeling adventurous, you can get a Soekris box, install OpenBSD/FreeBSD and have a completely customizable wireless access point. With PF and ALTQ, you can do bandwidth throttling, can disable certain types of traffic with Snort+PF, or anything else that you feel appropriate. This site www.netgate.com has everything you need, hardware-wise. Google can help you find instructions on getting the OS installed.
I like the Axis cameras. Write a quick script to grab the images and display them in your custom webpage, it's a 10-minute job. Plus, I think the cameras actually run Linux, which I know is a big selling point in some crowds.
Thanks! I bow to your wisdom.
IANAL (yet) but informal agreements like these can be seen as anti-competitive, and as such, illegal under anti-trust laws. Then again, all of these companies already have high-paid lawyers who haven't throw up red flags about this, so I could be wrong.
[global]
workgroup = WORKGROUP
server string = Description of Server
security = share
( Rpbailey Notes: This might be where you were led astray. You probably had samba set to use passwords instead of share security. )
[Multimedia] /usr/multimedia
path =
writable = yes
comment = Multimedia
browseable = yes
public = yes
---
Just make sure that the directory in question is writable by your samba user (assuming you have a user that samba runs as) or is otherwise writable. The most "playing around" you have to do is with permissions on that one folder.
Good luck!
The laptops are going to be the biggest hassle, as people tend to take them home and who knows what crap they do there. Set up a NATD gateway with DansGuardian, ClamAV, Squid, and whatever other proxies for your systems to direct their traffic out. The NAT will protect them from worms and viruses randomly scanning for IP addresses and the other programs will filter for viruses if they check Hotmail, POP, or whatever else they might use. You can set up SMB-scanning with ClamAV to randomly check the computers on your network for viruses. If you have the option, I'd recommend Deep Freeze for your Windows XP computers. If more information is desired about anything I've said, please leave a message and I'll dig up information on how to configure said programs.
The article doesn't say whether the program will be released under the BSD license (unlikely) or whether it will remain under the CDDL. The latter seems most likely.
I think it works fairly well. I run Windows 2000 inside it on a 1.4 Ghz Pentium M chip with 256 M RAM and while it does lag in places, it is more or less functional for me to use IE for my workplace's tracking system. There was an article a few weeks ago about making Windows 2000 work in low-powered machines, coupled with the QEMU Accelerated, things kicked along just fine. I wish I had some definite numbers I could give you. Pound for pound, it seems about as fast as VMWare on FreeBSD and was far less of a headache to set up.
Just a suggestion, if you have some harddrive space, download Qemu and install some *BSD in it. Play with that when you get a moment or two, check the documentation with your BSD of choice (FreeBSD has a very nice handbook) and then, when you feel the time to switch is at hand, you won't have to "play" on your real box, because you'll already know what to do. Or something like that. Good luck!
You probably already know this, but on FreeBSD, in /usr/ports/emulation/qemu, if you type:
make WITH_KQEMU=true install clean, it'll make the kqemu system work on FreeBSD. Unfortunately, we're still stuck on Qemu 7.0, but that'll probably change as soon as the ports freeze is over.
I think it still prompts you to install the patches, even if you automatically download them. Some people just can't be bothered. I haven't touched a Windows machine since Windows 98, so someone please correct me if I am mistaken. (Nanogator would have a brilliant and biting comment here)
Sorry to respond to my own post, don't take that as an endorsement that people should blindly accept patches or anything from Microsoft, it was just one thing MS could/would conceivably do to get users to patch their systems.
Releasing patches that quickly would probably make the releases smaller, which means people would be less likely to cancel the download in disgust when they see it would take 2+ hours to complete. Having said that, given the users I've encountered, MS would need something like "Automatically Apply Patches without Prompting Me" as one of the initial options or users would just "X" out of the warning pop-up, as they do nowadays.
Gentoo(Linux, not BSD):
19384 ebuilds, 9440 Packages, Last Updated At 12:21:45 GMT
PkgSrc (NetBSD+):
Over 5400 packages
FreeBSD Freshports:
10897
I was unable to find stats for OpenBSD, but I last recall it was in the 2000 range.
Anywho, my point being, it contains about 1/2 of the packages that Gentoo has (and, let's be honest, a lot of the stuff in Gentoo is fluffy crap) and runs on platforms that it is dead-impossible to find decent apps for, like AIX.
PkgSrc alone is worth a small donation. With it, you can compile the same apps for many different operating systems, including Solaris, *BSD, Linux, and Irix. While not as extensive as some of the Port systems, the fact that it is so standardized across the board is a decent exchange.
You're probably thinking about Dmitry Sklyarov, a Russian programmer who circumvented Adobe's eBook encryption scheme. He was arrested, from what I understand, not for cracking the code but for giving a talk about it in Las Vegas. I didn't really follow the case, but Slashdot had a bit about him a while ago: http://slashdot.org/article.pl?sid=01/07/17/130226
Story about the firewall not blocking Windows shares. I think Slashdot carried this story a long time ago as well. Do not get me wrong, the firewall and steps in SP2 are a nice step, but they simply are not enough at this point. Unless the user is actively involved, no default Windows setup will be enough.