It's almost as if the world's largest particle physics laboratory had something to do with creating it. Yeah, they needed somewhere to send those particles, so they made all those tubes!
But, how would you fix that? It's not like finding out things in Windows takes any fewer clicks, but then, we shouldn't be using Windows as our benchmark. The idea is not to copy Redmond, but do better than Redmond.
require editing text files
Very few things require text file editing anymore. Most common system administration tasks have a GNOME GUI now in most distros. The only egregious example I can think of is in switching video cards. Get a new video card that requires a different driver, and you'll find yourself hand-hacking/etc/X11/xorg.conf with vi[m] or nano.
The worst thing is permissions editing in Nautilus. Despite the fact that it's SUPPOSED to work, I still can't change permissions recursively on all files and directories from Nautilus without resorting to the command line. I'm about this close to writing a Python-based GTK GUI script and adding it to Nautilus' action menus in Ubuntu Feisty.
The other egregious example of forced command-line usage for me was cleaning my Epson printer, aligning its cartridges, etc. This is now handled for me by my GUI-frontend to escputil, Stylus Toolbox
Ubuntu comes with a few compilers right on the CD, but none are installed by default. Windows, OTOH, doesn't even include any general purpose language right on the CD. At least DOS came with GWBASIC and/or QBASIC. With Windows you get nothing.
Yeah, I knew you could. The average Linux distribution doesn't have anything close to a 1000 licenses in it. Stop being ridiculous. There is pretty much BSD/MIT/X11, GPL, LGPL, Mozilla, Artistic, and maybe a couple of others, depending on what apps are installed.
And in the end -- so what? FOSS licenses break down into two categories: BSD-type and GPL-type. That's it. They're all pretty much the same, especially ones that conform to the Open Source Definition, so who cares?
since I have no desire to pass on the responsibility for deciding some issue that's more important than the average program "smart" people write. Of course, you don't get to decide which cases for which you sit on jury duty. The potential pool of jurors is decided at 'random' by (usuaully) picking drivers' license #s out of a 'hat'.
Because most patent infringement cases are decided by juries. Prior art claims need to be ruled on by a judge, but 12 people, too stupid to get out of jury duty, get to decide if the infringing work actually infringes on the claims.
Don't you just love our court system here in the U.S.?:D
Bleh. I had already blocked off the mail port with IPtables. It was the fact that it was sending thousands of mails an hour that I noticed it was a problem at all.
It's not a great analysis, no. In my case, I was actually able to find the hole (an unpatched BIND with a known exploit -- ouch! That'll teach me to keep my patches up to date!), the attackers IP address, (which was not easy to find. I had to sleuth around a bit a contact a few sysadmins before I traced him down to a cybercafe in China) but it's a good start.
Taking tha machine offline immediately -- bleh. It depends on the box. In my case, my box was nothing more than a old machine being used as a firewall. He was never successful in getting through to my boxes behind the firewall, he tried...but something he saw must've spooked him or made him disintrested, because he stopped looking and just left the box open as a zombie. My guess is that's all he was after was a zombie anyway. So shutting down the box would have saved me exactly what?
And the most important question is, how did he get access in the first time? The server was running Ubuntu 6.06 LTS (i386) and was fairly updated. The compromised could be caused by:
* An exploit unknown to the public.
* A user accessing this server from an already compromised host. The attacker could then sniff the the password. It's a very good question, because if the guy was keeping his server up-to-date, then these two are the most likely scenarios.
On tools...it's important to note that in forensics on a Linux box, your friends are ethereal (for watching packets on open connections), netstat (to see what's listening), and strace (shows you what UNIX API calls a running process makes, which gives you very good idea about what's going on.)
Other tools: nmap may be useful for seeing what's going on with 62.101.251.166 and 83.18.74.235. The service detection options, in particular. Always do this on a sandboxed host. Something running in a VM might be useful in this regard.
Anyway, nice article. This is almost exactly how I proceeded when one of my own servers was hacked a few years ago.
Heh. Well, 50 more years of burning gasoline in your 10 MPG HUMMER and burning coal to power your 2-hr battery life Sony laptop, and world hunger will be the least of your concerns. The entire world economy will be collapsing under its own weight as the few remaining superpowers burn even more oil fighting wars over the last few remaining drops of oil. Adding to it, due to fact that the polar ice caps will have melted so much, the home you bought next to the ocean is now under water. Chaos and panic are setting in as people struggle to figure out exactly what it is they're going to do now that the governments have failed to maintain order.
Good luck with that!
Oh yeah...and you don't need to take sugar from grains or cane, either. Sugar can be acquired from almost any plant cellulose.
The registrars I've used charge nothing to substitute their own details for the registrants in the public WHOIS response. And their "profits far in excess"? On the $15-a-year fees, they're welcome to any profit they can take. Ditto. One site I maintain currently is using shared hosting, and the hosting provider (blatant plug for ya, Jen!) charges like somewhere around $15 a year for domains that they maintain (bundled with the account, so there's no separate charge), and like $8.75 a year for domains that you maintain. They charge nothing to use their own details for the registrants in WHOIS. There are companies that have formed businesses around selling unlisted domains, but their fees aren't much different than that $15.00 a year that seems to be the going rate these days.
So I don't know who's making money selling private domain names, but it doesn't seem to be any of the abovem, because none of them charge extra.
Nope. Apple's gonna change their ticker symbol to TUNE.
Re: OSI? Do you mean TCP/IP? ;-)
on
Network Warrior
·
· Score: 2, Informative
Trick I use to remember... All People Seem To Need Data Processing = A)pplication 7 P)resentation 6 S)ession 5 T)ransport 4 N)etwork 3 D)ata-Link 2 P)hysical 1
Oh yeah, and I paid a whopping $10 for the hardware in my Freevo box -- the $10 was for the TV capture/video card from a garage sale. The rest of the computer was a throwaway.
Yeah, but building a MythTV or Freevo box gives you a lot more flexibility. Don't know about Myth, but Freevo has the ability to be an entirely client-server architecture, where you can have one box be a record server, and another box be a player, etc. This allows you to have HTPCs in every room of the house and watch anything you want anytime you want, without having to pay for a bunch of cable boxes. Plus, a MythTV or Freevo box is DRM free and you have commercial skip (as unreliable as that is), etc. And with Myth or Freevo, you can watch all those movies you downloaded from BitTorrent or from a website in Antigua. l)
No more drinking/smoking/snorting before you post on Slashdot, k? ;)
But, how would you fix that? It's not like finding out things in Windows takes any fewer clicks, but then, we shouldn't be using Windows as our benchmark. The idea is not to copy Redmond, but do better than Redmond.
Very few things require text file editing anymore. Most common system administration tasks have a GNOME GUI now in most distros. The only egregious example I can think of is in switching video cards. Get a new video card that requires a different driver, and you'll find yourself hand-hacking
The worst thing is permissions editing in Nautilus. Despite the fact that it's SUPPOSED to work, I still can't change permissions recursively on all files and directories from Nautilus without resorting to the command line. I'm about this close to writing a Python-based GTK GUI script and adding it to Nautilus' action menus in Ubuntu Feisty.
The other egregious example of forced command-line usage for me was cleaning my Epson printer, aligning its cartridges, etc. This is now handled for me by my GUI-frontend to escputil, Stylus Toolbox
Ubuntu comes with a few compilers right on the CD, but none are installed by default. Windows, OTOH, doesn't even include any general purpose language right on the CD. At least DOS came with GWBASIC and/or QBASIC. With Windows you get nothing.
Yeah, I knew you could. The average Linux distribution doesn't have anything close to a 1000 licenses in it. Stop being ridiculous. There is pretty much BSD/MIT/X11, GPL, LGPL, Mozilla, Artistic, and maybe a couple of others, depending on what apps are installed.
And in the end -- so what? FOSS licenses break down into two categories: BSD-type and GPL-type. That's it. They're all pretty much the same, especially ones that conform to the Open Source Definition, so who cares?
Huh? If you're running a server with 'regular' users, and you're using even remotely dictionary-based passwords, you deserve to get hacked.
Tt's the Digital Millennium Copyright Act and phew, is it stinkin' up the place!
Because most patent infringement cases are decided by juries. Prior art claims need to be ruled on by a judge, but 12 people, too stupid to get out of jury duty, get to decide if the infringing work actually infringes on the claims.
:D
Don't you just love our court system here in the U.S.?
Bleh. I had already blocked off the mail port with IPtables. It was the fact that it was sending thousands of mails an hour that I noticed it was a problem at all.
It's not a great analysis, no. In my case, I was actually able to find the hole (an unpatched BIND with a known exploit -- ouch! That'll teach me to keep my patches up to date!), the attackers IP address, (which was not easy to find. I had to sleuth around a bit a contact a few sysadmins before I traced him down to a cybercafe in China) but it's a good start.
Taking tha machine offline immediately -- bleh. It depends on the box. In my case, my box was nothing more than a old machine being used as a firewall. He was never successful in getting through to my boxes behind the firewall, he tried...but something he saw must've spooked him or made him disintrested, because he stopped looking and just left the box open as a zombie. My guess is that's all he was after was a zombie anyway. So shutting down the box would have saved me exactly what?
* An exploit unknown to the public.
* A user accessing this server from an already compromised host. The attacker could then sniff the the password. It's a very good question, because if the guy was keeping his server up-to-date, then these two are the most likely scenarios.
On tools...it's important to note that in forensics on a Linux box, your friends are ethereal (for watching packets on open connections), netstat (to see what's listening), and strace (shows you what UNIX API calls a running process makes, which gives you very good idea about what's going on.)
Other tools: nmap may be useful for seeing what's going on with 62.101.251.166 and 83.18.74.235. The service detection options, in particular. Always do this on a sandboxed host. Something running in a VM might be useful in this regard.
Anyway, nice article. This is almost exactly how I proceeded when one of my own servers was hacked a few years ago.
Heh. Well, 50 more years of burning gasoline in your 10 MPG HUMMER and burning coal to power your 2-hr battery life Sony laptop, and world hunger will be the least of your concerns. The entire world economy will be collapsing under its own weight as the few remaining superpowers burn even more oil fighting wars over the last few remaining drops of oil. Adding to it, due to fact that the polar ice caps will have melted so much, the home you bought next to the ocean is now under water. Chaos and panic are setting in as people struggle to figure out exactly what it is they're going to do now that the governments have failed to maintain order.
Good luck with that!
Oh yeah...and you don't need to take sugar from grains or cane, either. Sugar can be acquired from almost any plant cellulose.
Which doesn't appear properly in IE6, btw.
So I don't know who's making money selling private domain names, but it doesn't seem to be any of the abovem, because none of them charge extra.
Nope. Apple's gonna change their ticker symbol to TUNE.
Trick I use to remember...
All People Seem To Need Data Processing =
A)pplication 7
P)resentation 6
S)ession 5
T)ransport 4
N)etwork 3
D)ata-Link 2
P)hysical 1
Now do I get a gold star?
Ouch. The link is not for the squeamish. Trust me.
No problem. They just need to hook up with These guys.
The Mafia don't use drive-by shootings. That's for the gangs. Nope, the mob prefers it nice, clean, accurate and no witnesses.
Maybe. It's a question of which special interest group will Congress bow to -- the U.S. casino industry or the MAFIAA and the BSA?
You're right, though, my money's on the MAFIAA.
Oh yeah, and I paid a whopping $10 for the hardware in my Freevo box -- the $10 was for the TV capture/video card from a garage sale. The rest of the computer was a throwaway.
Yeah, but building a MythTV or Freevo box gives you a lot more flexibility. Don't know about Myth, but Freevo has the ability to be an entirely client-server architecture, where you can have one box be a record server, and another box be a player, etc. This allows you to have HTPCs in every room of the house and watch anything you want anytime you want, without having to pay for a bunch of cable boxes. Plus, a MythTV or Freevo box is DRM free and you have commercial skip (as unreliable as that is), etc. And with Myth or Freevo, you can watch all those movies you downloaded from BitTorrent or from a website in Antigua. l)