UPNP doesn't solve this problem, and is yet another horrible hack that should never have existed in the first place, along with NAT. Thanks to UPNP any crap you get infected with can request the router to open a port for it to receive instructions. Isn't that wonderfully convenient?
Don't forget that with UPnP, the router is usually your firewall as well, and both the firewall and NAT get configured. If you had a public address, UPnP wouldn't be needed, but you would still need to open the port on the firewall. So, at first glance you would think that UPnP doesn't hurt vs public addresses... but I would hope you wouldn't sit naked (without a firewall).
Last I checked, undersea cables were pretty reliable when they weren't being cut "accidentally". Mountains don't exactly block packets. Rivers don't make my bits come out soggy on the other end.
Very true, however getting around all of these geographical obstacles can be very expensive. That's less political discrimination and simple economics - they either can't (or wont) spend the money where others will. They might have different priorities, or different revenue/expenses.
Most of my attackers come from residential services all over the USA and UK, or don't resolve to an address at all. Those domains would be an exception.
Denyhosts does the same thing, but has a global synchronization method. If one person using the sync feature bans someone, they all do.
It only works for ssh though. fail2ban is flexible enough to monitor anything and do anything, in response to any pattern. Pretty damned powerful really.
There is a danger though. What stops someone from spoofing a given address with the intention of putting it on 'the list'? Now all your systems have locked you out... what do you do?
(that said, I use denyhosts with it's sync feature)
I only have one machine. It's on all the time though. I usually start up rtorrent in a screen session, with it configured to watch. All I have to do is download a torrent to a particular directory... that's it. The rest gets handled automatically.
Oh... and don't use smilies like that, they make you look like a tool
Heck, set up your RC file, and have a watch folder. Copy (or symlink) a torrent to the directory and go to lunch. rtorrent is cranking away in a screen session the whole time, automatically adds it, starts downloading, seeds based on your rules, and removes it.
Just because three islands are labeled A, B, and C, doesn't change the fact that the cable connecting B and C is small while the one between A and B is larger. Politics has nothing to do with this.
Oh, you meant prioritize by politics, not geography.
No. You can try reading the summary, asshole. Here, I'll repost it here in case you were too lazy to read it above:
"While I live in S.Korea and have virtually unlimited bandwidth in and out of the country, not all my Asian friends are so lucky. Many of the SE Asian and African countries have small international pipes. Even when a user has a high-speed local connection, downloads from abroad will trickle in. Bittorrent clients apparently don't prioritize other users on the same ISP or at least in the same country. Why is that? Is it difficult to manage? If I were to write a plug-in for, say, Deluge, what hurdles would I be likely to come across? If this functionality is available in other clients or through plug-ins, please chime in."
Have you built your Slackware packages from source? Have you inspected the compiler output to be sure it's not adding anything illicit? Have you inspected the source itself and followed all the logic trees, code paths, etc? Do you trust Patrick Volkerding ultimately with your security?
If you answered no to ANY of those questions, you have no more security vs backdoor access than you would with Windows.
If you are being provided data from me, you are a client and I am a server.
Period. Just because this relationship only lasts a few minutes, doesn't make it any less of a client/server relationship.
UPNP doesn't solve this problem, and is yet another horrible hack that should never have existed in the first place, along with NAT. Thanks to UPNP any crap you get infected with can request the router to open a port for it to receive instructions. Isn't that wonderfully convenient?
Don't forget that with UPnP, the router is usually your firewall as well, and both the firewall and NAT get configured. If you had a public address, UPnP wouldn't be needed, but you would still need to open the port on the firewall. So, at first glance you would think that UPnP doesn't hurt vs public addresses... but I would hope you wouldn't sit naked (without a firewall).
Ramble over.
Look how much the US DoD is taking up. Holy shit!
There is always a server. Even multicast has a server.
However, with P2P, a client acts like a server some of the time, and as a client others. It fills both roles as needed.
Quit talking out of your ass.
It's a shame we don't compile written word. ...
Programming is not literature, it's machine instructions.
That was shot, not slugs. A slug could have cracked the engine block and REALLY fucked the truck up.
A read only filesystem for general use. That sounds like fun.
Yep, just like the rootkit they would put in the windows machine.
I don't see a difference, only that the government is saying "you must use linux".
Really, what's the problem with that? I mean, it sucks... but it could be far worse...
I think parents need to think of their own children, and not shoving the burden on everyone else.
"Not everyone wants to think of your children!"
Yes, you are.
This "meme" if you can even call it that, is stale. Learn to read, and keep such mistakes to your self. Nobody cares.
A half connection would be scored as an attack. You send your half of the connection with delays, and your work is done.
Last I checked, undersea cables were pretty reliable when they weren't being cut "accidentally".
Mountains don't exactly block packets.
Rivers don't make my bits come out soggy on the other end.
Very true, however getting around all of these geographical obstacles can be very expensive. That's less political discrimination and simple economics - they either can't (or wont) spend the money where others will. They might have different priorities, or different revenue/expenses.
No, but I may have left a banana magazine in there.... (SFW)
Most of my attackers come from residential services all over the USA and UK, or don't resolve to an address at all. Those domains would be an exception.
Denyhosts does the same thing, but has a global synchronization method. If one person using the sync feature bans someone, they all do.
It only works for ssh though. fail2ban is flexible enough to monitor anything and do anything, in response to any pattern. Pretty damned powerful really.
That's a DDoS, and would kick your one-man-and-a-dog site off the net. For a while, at least. And there would be nothing you could do about it.
How is this new? Botnets have had this capability for a looong time.
There is a danger though. What stops someone from spoofing a given address with the intention of putting it on 'the list'? Now all your systems have locked you out... what do you do?
(that said, I use denyhosts with it's sync feature)
I guess one could concentrate on a mental image of Sarah Palin in a nipple bra to counter the Bin Laden image.
While she may not be very bright (understatement anyone?) you have to admit that you would hit that.
Because RDP is so much lighter on bandwidth than a terminal session with a simple command to download the torrent to a particular folder.
I only have one machine. It's on all the time though. I usually start up rtorrent in a screen session, with it configured to watch. All I have to do is download a torrent to a particular directory... that's it. The rest gets handled automatically.
Oh... and don't use smilies like that, they make you look like a tool
Heck, set up your RC file, and have a watch folder. Copy (or symlink) a torrent to the directory and go to lunch. rtorrent is cranking away in a screen session the whole time, automatically adds it, starts downloading, seeds based on your rules, and removes it.
Just because three islands are labeled A, B, and C, doesn't change the fact that the cable connecting B and C is small while the one between A and B is larger. Politics has nothing to do with this.
rtorrent
Oh, you meant prioritize by politics, not geography.
No. You can try reading the summary, asshole. Here, I'll repost it here in case you were too lazy to read it above:
"While I live in S.Korea and have virtually unlimited bandwidth in and out of the country, not all my Asian friends are so lucky. Many of the SE Asian and African countries have small international pipes. Even when a user has a high-speed local connection, downloads from abroad will trickle in.
Bittorrent clients apparently don't prioritize other users on the same ISP or at least in the same country. Why is that? Is it difficult to manage? If I were to write a plug-in for, say, Deluge, what hurdles would I be likely to come across? If this functionality is available in other clients or through plug-ins, please chime in."
Have you built your Slackware packages from source? Have you inspected the compiler output to be sure it's not adding anything illicit? Have you inspected the source itself and followed all the logic trees, code paths, etc? Do you trust Patrick Volkerding ultimately with your security?
If you answered no to ANY of those questions, you have no more security vs backdoor access than you would with Windows.