> For a while, I ran a patched kernel that would allow the immutable or append-only bits to be set by root but not cleared. Clearing the bits when necessary required booting into another kernel (which would trigger many alarms when the machine went down).
FYI, you don't need a special kernel for that on Linux:
lcap CAP_LINUX_IMMUTABLE CAP_SYS_RAWIO CAP_SYS_MODULE CAP_MKNOD CAP_SYS_BOOT
That will disable the ability to alter immutable bits, access /dev/mem, kmem, etc., load kernel modules, access storage devices directly, or reboot the system.
Now let's put said unalterable log on an encrypted partition that requires a key on a USB dongle to mount, split the key into a few parts and give the parts out to different people.
Also there are hardware crypto based document storage solutions out there that supposedly make things totally unalterable short of an act of God (embedded-in-lacquer kind of thing). nCipher makes some stuff like that, google them. (I don't have any vested interest, it's just the only company I know of that makes that sort of thing.)
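The "split the key into a few parts" step above, as an added example that is not from the post: Shamir secret sharing in Python, generalized to a k-of-n threshold so that any three of five holders can reconstruct the partition key but two cannot. The 32-byte key is a constructed stand-in.

```python
import secrets

# Mersenne prime 2**521 - 1: any key of up to 520 bits fits in one field element.
PRIME = 2**521 - 1


def _eval_poly(coeffs, x):
    """Evaluate the polynomial with the given coefficients at x (Horner), mod PRIME."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_key(key: bytes, threshold: int, holders: int):
    """Split key into `holders` shares; any `threshold` of them recover it.

    Returns a list of (x, y) points; hand one point to each key holder.
    """
    if not 1 < threshold <= holders:
        raise ValueError("need 1 < threshold <= holders")
    secret = int.from_bytes(key, "big")
    if secret >= PRIME:
        raise ValueError("key too large for the field")
    # Random polynomial of degree threshold-1 whose constant term is the key.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, holders + 1)]


def recover_key(points, key_len: int) -> bytes:
    """Lagrange-interpolate the polynomial at x=0 from `points` to get the key.

    With fewer than `threshold` points the interpolated value is an unrelated
    field element, which (almost surely) does not fit in key_len bytes and raises.
    """
    xs = [x for x, _ in points]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share supplied")
    secret = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        # Fermat inverse of den: PRIME is prime, so den**(PRIME-2) is 1/den.
        secret = (secret + yi * num * pow(den, PRIME - 2, PRIME)) % PRIME
    if secret >= 256 ** key_len:
        raise ValueError("shares do not reconstruct a key of that length (too few or corrupted)")
    return secret.to_bytes(key_len, "big")


# Constructed 256-bit key standing in for the partition's unlock key.
DEMO_KEY = bytes(range(32))
DEMO_SHARES = split_key(DEMO_KEY, threshold=3, holders=5)
```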
Checking for reverse DNS is alright; checking to see if the forward DNS works for said reverse DNS makes admins cry, because sooooo many people have 'reverse DNS' that resolves to a hostname that points somewhere else, or doesn't exist, etc. In the sendmail hack given, you have three conditions near the bottom: FAIL, TEMP and FORGED. It's FORGED that causes the headaches (this verifies matching reverse/forward DNS). Just remove that line and it will only verify that reverse DNS exists.
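The FAIL/TEMP/FORGED decision described above, as an added example in Python that is not the sendmail hack from the thread: the classifier takes resolver functions as parameters, and the `require_forward_match` flag is the "remove that line" relaxation the post recommends. The zone data is constructed from documentation address ranges.

```python
class TempDnsError(Exception):
    """Transient DNS failure (SERVFAIL, timeout): answer 4xx so the sender retries."""


def classify_client(ip, reverse_lookup, forward_lookup, require_forward_match=True):
    """Return 'OK', 'FAIL', 'TEMP' or 'FORGED' for a connecting client address.

    reverse_lookup(ip)   -> hostname from the PTR record, or None if there is none
    forward_lookup(host) -> list of addresses the hostname resolves to (may be empty)
    Both may raise TempDnsError. require_forward_match=False is the relaxed
    policy from the post: only require that a PTR record exists.
    """
    try:
        host = reverse_lookup(ip)
    except TempDnsError:
        return "TEMP"
    if not host:
        return "FAIL"
    if not require_forward_match:
        return "OK"
    try:
        addrs = forward_lookup(host)
    except TempDnsError:
        return "TEMP"
    return "OK" if ip in addrs else "FORGED"


# Constructed sample zone data standing in for a real resolver.
SAMPLE_PTR = {
    "192.0.2.10": "mail.example.net",    # PTR and A agree: full circle
    "192.0.2.20": "host20.example.org",  # PTR exists, A points elsewhere
    "192.0.2.30": "ghost.example.com",   # PTR exists, hostname has no A record
    "192.0.2.40": None,                  # no PTR record at all
}
SAMPLE_A = {
    "mail.example.net": ["192.0.2.10"],
    "host20.example.org": ["198.51.100.7"],
}


def sample_reverse(ip):
    if ip == "192.0.2.50":
        raise TempDnsError("SERVFAIL")  # simulated transient failure
    return SAMPLE_PTR.get(ip)


def sample_forward(host):
    return SAMPLE_A.get(host, [])


def sample_report():
    """Classify each sample address under the strict and the relaxed policy."""
    return {
        ip: (
            classify_client(ip, sample_reverse, sample_forward),
            classify_client(ip, sample_reverse, sample_forward, require_forward_match=False),
        )
        for ip in list(SAMPLE_PTR) + ["192.0.2.50"]
    }
```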
Re: Requiring payment for delisting (on Choosing a Good DNSBL) · Score: 2, Interesting
I guess whatever provider that was stopped, because I haven't heard a thing out of my users about Sorbs for a long time. They're irrelevant now, more so since Sorbs shut their spam list down a few weeks ago after the founder had a breakdown. Did anyone even notice? That's how irrelevant they are.
> An email passing through someone else's router is not going to be seen by human eyes by accident. It will not "flash" across a monitor, it will not be opened and read without specifically and purposefully being opened.
Huh? No? Random stuff bounces into the postmaster box all the time, stupid AOLers press 'mark as spam' and bam, a copy of your message in _my_ mailbox; fire up Ethereal (Wireshark, whatever) to diagnose some problem and weeeeeee, a zillion email messages fly right by my screen. Mail spool's growing exponentially, let's do some grepping and figure out who the culprit is.
So ya, people's private messages do, quite literally, flash across a sysadmin's monitor. I really don't want to see them either, but ya know, that's my job, so I deal with your petty lovers' spats people forward to abuse, your misaddressed candid porno shots from your cell phone and your business deals sent from mail servers you don't know how to configure. You think your email is private unless someone _wants_ to look at it? LOL ya ok.
Binding sessions to IP prevents people from stealing your session and using it on another machine; it does not prevent them from taking over your session and silently doing things inside your own web browser while you sit there clueless.
I.e., if I XSS your bank webpage, I can write the code to send the cookie to my webserver... which is worthless because the session is bound to an IP. OR I can write the code to use an XMLHttpRequest to silently enter your banking preferences and reset your password/transfer funds/scrape account/routing numbers and haul them offsite in the background while you go about your business. Anything you can do sitting there at your web browser by clicking and typing stuff, someone else can do to you using XSS.
BayTSP knowingly submits DMCA takedown notices for transit traffic to ISP abuse desks, bypassing the registered DMCA contact. Some abuse desks might go 'oh, copyright violation!' and give the user a nastygram or turn them off, but the DMCA limitations on liability are pretty specific on the differences between transitory data and hosted data. The takedown provisions only apply to hosted data. Takedown notices are only valid if sent to the DMCA agent registered with the Copyright Office. Transitory communications have no takedown provisions, and the ISP cannot be held liable for transit data _even if it breaks the law and they know it_.
Just buy me a few hundred 10gig fiber taps and a SAN the size of the building and we'll be good to go. Seriously, who comes up with this crap? Do they have ANY idea how much traffic even a mid-sized provider puts out? I need a room full of servers just to handle the last _week's_ worth of email, and my poor laptop explodes if I even think about trying to selectively sniff at gigabit speed. I wonder if I can con management into offering an end-to-end crypto service...
reject:
mail from:
250 Sender ok
rcpt to:
550 does not exist here
If it was a virus sending this, it just stops there. No one gets any message. If there's a mail server in between, then the sender-side mail server would generate a bounce to me@here.com. Most viruses are sending direct with no mail server in between.
bounce:
mail from:
250 Sender ok
rcpt to:
250 Recipient ok
data
354 Enter mail, end with "." on a line by itself
lolspamspam wonderfull spam lovely spam
.
250 Message accepted for delivery.
It then sends the spam message to me@here.com with a few lines about it being undeliverable at the top. Every time. Think of it as an open relay that adds a Bayesian-slaying text block to the top.
Spam is spam. I don't care if it was relayed by using the victim address in 'rcpt to:' (traditional spamming) or 'mail from:' (blowback spamming). So you stuck three lines of text above it then relayed it on to the victim. Good job: by bouncing instead of rejecting you're an open relay. You even add some additional Bayesian-slaying text to the top. That's how I see it.
It's really not that difficult to configure your mail systems to reject instead of accept-then-bounce. I see this as becoming mandatory, similar to how it used to be OK to have an open relay, then over time it became a sin.
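An added example (not from the thread) of the reject-at-RCPT configuration the post calls for, written for Postfix as an assumed MTA since the thread only names a sendmail hack; the weak setting is shown commented out above its replacement, and here.com is the post's own placeholder domain:

```ini
# main.cf (Postfix)

# Weak: an empty local_recipient_maps makes Postfix accept any recipient in a
# local domain, so unknown users are discovered after DATA and bounced later.
# local_recipient_maps =

# Corrected: know the valid recipients at RCPT TO time and answer 550 right there.
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
unknown_local_recipient_reject_code = 550

# Same for domains you relay for (secondary MX): without a recipient list the
# relay accepts everything and generates the backscatter the post complains about.
relay_domains = here.com
relay_recipient_maps = hash:/etc/postfix/relay_recipients

smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_unauth_destination,
    reject_unlisted_recipient
```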
I manage email systems for a large ISP. Our static IP ranges are automatically SWIPped, with the word 'static' in the WHOIS description, and assigned non-generic reverse DNS consisting of the customer's hostname + domain name (e.g. mail.someusersdomain.com), with long DNS TTLs. Despite that, Sorbs repeatedly lists said users as dynamic. The last Sorbs ISP ticket I opened to delist one of these ranges (again), using the correct registered ARIN contact address, took five months. I count myself lucky, because the ticket before that fell off the face of the earth with no response. Sorbs knowingly lists people who do not meet their listing criteria, and does not delist when you follow their documented delisting procedures.
Block dynamic ranges? Yes, good idea. Block dynamic ranges using Sorbs' dynamic list? Bad idea. Sorbs and Spews are both bad ideas.
Spamhaus and DSBL are reputable and well-maintained alternatives.
I've been in this situation. I had a few years' experience with C, and the students at my school wanted a C class. I mated it to the existing Basic class taught by an experienced professor and mirrored his Basic course exactly... except in C. The professor didn't know C, but he didn't need to, because his course was teaching programming using Basic, not Basic. It was trivial to take his course material and port it to C. I just had my C students do most of the same exercises as the Basic students. This was a 'first' programming class for most of these people, so I really didn't get into the more C-specific stuff. A problem might have been like: "make a program that takes input of amount/time/rate of a mortgage, then generates and prints an amortization table, sortable by column, using only 'for' loops". Same stuff you get in any first programming class; language doesn't matter. In all fairness though, I was a bad teacher and wouldn't do it again.
10k is not an unreasonable amount of money to have available in an emergency fund (typically made of 3-6 months' worth of salary). It's a wise financial precaution to have one. Some person/government/organization is not always going to bail you out. Some people choose a lesser insurance plan, putting the money saved on insurance premiums into a savings account. Do remember, insurance companies make money off you, and they don't always come through when you need it. The government? You trust the GOVERNMENT to always come through? Right. Emergency fund. Google it.
Back in the day when MIDIs were popular I discovered that it was somewhat trivial to open up a MIDI file with a score-based MIDI editor, transcribe whichever part I wanted to my instrument of choice and press 'print'. MIDI files are common enough that you can easily find a MIDI of any song ever, and they're not subject to legal problems like digital images of the actual score or MP3s.
You do know that prepared statements use mysql_real_escape_string to escape with, yes?
Please compare how mysql-5.1.7-beta/libmysqld/sql_prepare.cc sanitizes input vs mysql_real_escape_string in mysql-5.0.24a/libmysql/libmysql and you can verify for yourself. The MySQL client libs have been audited by thousands for many years and account for multibyte language characters. Your regexp does not. You can look at the code MySQL uses to sanitize for mysql_real_escape_string and prepared statements in mysql-5.0.24a/mysys/charset.c (escape_string_for_mysql). It's only 87 lines. You can try to reproduce it in regexp if you wish, but if you had not looked at escape_string_for_mysql() you would likely fail. Please use a database's client libs to sanitize, not your own.
A simple regexp escaper and mysql_real_escape_string are in _NO WAY_ equivalent.
I speak of using regex as an escaping mechanism, not data verification. Hence the comparison to another escaping mechanism. I was not clear. It would be an apples and oranges comparison otherwise. Regexp should never be used to escape data sent to a database; rather, there are mechanisms that use the libraries of the database in question to escape it.
This 11% was determined by a weak testing mechanism. For every site that blatantly spews SQL errors to the user there are two that silently return a generic sanitized error, and another two that return no error at all. It would produce more results if you took it a step further and asked yes/no questions, such as:
?id=99999' OR '10
and see if the page returns the results of id=10 as expected. It's also common for people to use weak regexp (regexp should NEVER be used to protect against SQL injection, see mysql_real_escape_string) and miss some characters:
?id=99999)
or fail to sanitize non-US language encodings. Also, GET variables are often the most protected. It is much more common to find SQL injection in <input type=hidden> variables, or in cookie data. The number 11% is extremely low. I'd guess more like 80%.
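The fix the escaping posts above point to (let the database library carry the value rather than a home-grown regexp, with separate type validation), shown as an added example that is not from the thread: the vulnerable string-built lookup beside its parameterized form, with the thread's own `?id=` probe strings as constructed input. Python and SQLite are assumed stand-ins for the PHP/MySQL case so the block runs in-process.

```python
import sqlite3

# Constructed sample table standing in for the site's user records.
SAMPLE_USERS = [(10, "alice"), (99999, "zed")]


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def lookup_concat(conn, raw_id):
    """Vulnerable: the raw GET parameter is spliced into the SQL text, so the
    database parses whatever the client sent as part of the query."""
    sql = "SELECT name FROM users WHERE id = '%s' ORDER BY id" % raw_id
    return [row[0] for row in conn.execute(sql)]


def lookup_param(conn, raw_id):
    """Hardened: validate the type first (an id must be an integer), then hand
    the value to the driver's placeholder. The value never reaches the SQL
    parser, so no escaping regexp is needed and none can be got wrong."""
    try:
        wanted = int(raw_id)
    except ValueError:
        return []
    rows = conn.execute("SELECT name FROM users WHERE id = ? ORDER BY id", (wanted,))
    return [row[0] for row in rows]


def compare(raw_id):
    """Run both lookups on a fresh sample database for the same input."""
    conn = make_db()
    try:
        return lookup_concat(conn, raw_id), lookup_param(conn, raw_id)
    finally:
        conn.close()
```

With the thread's probe, the concatenated query degenerates to `WHERE id = '99999' OR '10'` and returns every row, which is the "yes" answer a scanner is looking for; the parameterized lookup returns nothing.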
You obviously did not read the link. An ISP is _not liable_ for transit traffic. Ever. Even if you write the complainant back and say "LOL YA RIGHT" or flat out ignore them. Even if the notice is sent certified mail, says 'DMCA NOTICE' in the subject line, follows your takedown procedures to the letter and threatens (e)legal action. DMCA takedown procedures (or even court subpoenas for that matter) do not apply to transit!
Hi, as an ISP I'm sure you know that you are protected by the Online Copyright Infringement Liability Limitation Act, section 512(a). It protects an ISP from all liability concerning transit traffic. Any smart ISP NOC follows strict DMCA takedown procedures if the content is stored on their systems (such as a website), and drops all transit takedown requests not in the form of a court order on the floor to avoid opening themselves up to civil liability.
I've been getting these dumb 'DMCA' complaints to my abuse@ box at work (an ISP) for years. What they don't get (or more likely, simply ignore, hoping the ISP doesn't know) is that the DMCA only provides takedown mechanisms for content stored on the provider's equipment. An illegal file stored on the user's PC is transit, and the ISP opens themselves up to legal liability if they act on it, even if they know what the user is doing. You can read the nitty gritty on Wikipedia. Of course this is the USA, and the article is about the Brits. I know nothing about British law.
I am amazed at the amount of self-guilt and pessimism expressed in response to his question. I propose that the question was asked from the _false_ pretense that we are at risk of not surviving. The question is even asked using a (stated) false pretense as a setup: "In a world that is in chaos politically, socially and environmentally". How's this for an alternative view:
We will survive the next 100 years even if we tried our hardest to destroy ourselves. Every biological and mental mechanism we have programmed into us is designed to continue our race. Take away our desire to reproduce? Take away our pride, greed or desire to exceed? The human race stands no chance of being destroyed.
Stephen Hawking may be one of the smartest men who has lived, but perhaps he hasn't studied history? Or perhaps he is trolling. Our world is in chaos politically, socially and environmentally? Compared to when exactly? Oh my god, it's because BUSH is president, isn't it. Yep, all Bush's fault. Seriously people, take the liberalism, go cut and blog about it on your LiveJournal. I can't believe a smart man such as Stephen Hawking would live in a state of emo self-defeatism by telling himself the world is going to hell, so I can only assume that it was a brilliant troll.
Plus the quality assurance team of 999,990.
This has been done and done well. Why the cheap knockoff?
KCachegrind is very nice for a lot of languages. It makes an easy-to-read function call map, among other things.
> Why no security as standard?
CALEA compliance.
Already invented; people talk like that all the time on IRC.
And to put it bluntly: YHBT YHL HAND