Gee, I manage my cloud over SSH tunnels. Authentication is done with public/private key pairs. No SSH root user login. In the rare cases that I need a GUI, it's VNC over an SSH tunnel.
Any other ports?
It's tunnels. All the way down.
Yeah, it sure is unfortunate that you can't do exactly the same thing with RDP. And MS should definitely think of adding IPSEC support one of these days (yes, I know). Of course people are probably less likely to bother, since unless you're French, RDP is fully encrypted (standard VNC only encrypts the password) and talking of passwords it allows them to be more than 8 characters long. You can even have a username too, if you use the right version and configure PAM (joke - there is no right version for that because it's a terrible idea security wise). It has also never had a bug where the client could tell the server it didn't support any of its authentication schemes and so the server simply let it connect without authentication.
In fact this is the first time I've heard of a potential serious vulnerability in Remote Desktop, so frankly this is not the area to be smug about.
Anyway this is a bit too MS positive for my liking, so I'll just add that TurboVNC + VirtualGL + VirtualBox = one fucking awesome free VDI implementation. Add SSH, OpenVPN or IPSEC to taste if you want (although VirtualGL handles SSH itself transparently if you want). Actually for remote admin purposes you only need the 1st part (unless it's a bunch of 3D workstations you're supporting). And possibly a new hobby to use to soak up all the time you used to waste waiting for the screen to refresh. I would also mention FreeNX, but a) I think it gets outperformed by the above and b) I am fucked if I'm setting that damned thing up again just to verify.
Oh yeah, one more neat trick - Virtualbox can run in headless mode on a box with no GUI (or with one, doesn't matter). In this mode it serves up the VM display using an extended version of RDP. The great thing is this doesn't just apply to Windows VMs - it can serve any OS it can run over RDP. Watch the look on your colleague's faces as you get them to fire up MSTSC and connect straight into Ubuntu. Or OS2, OSX, Win 3.1 etc.. etc.. You can even dump them into an EFI shell or the virtual BIOS. Literally minutes of laughs to be had. Oh yeah, you may need the non-open source extension pack for that. Also they're adding VNC in the next release. I have no fucking idea why.
And no, I have no idea why you're not allowed to use RDP encryption in France. I have no idea why they're not allowed to use deoderant either, come to think of it.
Yes, a lot of them don't seem to be able to write unambiguously. If that many people think you were saying one thing when you meant another, it's generally you that fucked up. Hope this helps. If you say someone has a lifetime of 75 years (about the average for the US) and don't mention that they're 12 years old, you probably shouldn't get angry when people ask what the fuck you're talking about.
Similarly, I think the US should hold off on oil extraction until the other nations have started to exhaust their supplies. Once the prices start to rise, only then should we tap our reserves.
Unfortunately "once the prices start to rise" will be the very second your retarded plan is put into action, you fucking Yankee cretin.
I wonder if the EFF had been around in the 1870's if they would have been accusing Alexander Graham Bell of "stifling free speech" with the original telephone....
Yes, I bet that's exactly what would have happened, you unbelievable fucking faggot.
Yeah! To fight dupes I compute CRC checksum for each file and store it (and only it) on my back up drive. That method removes dupes almost automatically and there is a side effect of a huge compression ratio too. I have been downloading the high def videos from Internet for quite a while now and with my compression method I have used less than 10 percent of 1GB flash drive! I strongly recommend this method to everyone!
You only actually need one bit. The "I'm not fucking funny and this is the 5th time I've seen the same fucking joke in the same article bit". I call it the "twat" bit.
Instead of working full-bore on The Next Great FS, it would be really nice to have compression, encryption, deduplication, shadow copies, and idle optimization running in EXT4.
Maybe I'm just jaded, but I've been a Linux user for 12 years now. Sometimes it feels like the names of the technologies are changing, but nothing ever gets 'finished'. Maybe the NTFS/BSD model (good core design, long intervals with only minor changes) would be wise in Linux filesystem development.
So you're saying you'd like to see it evolve slowly like NTFS, while adding all these whiz-bang new features stat?
When can we just effectively get what we pay for? This would explain the sudden jump in Intel-based Camfrog servers with a higher offering of hardware.
This effectively means people can now lie about the hardware they're leasing out to you in a data center. They say you're getting 4GB, you're actually getting 1.5GB of RAM.
Our internet is oversubscribed, our processors are getting there, and now RAM?
When are the designers of this stuff going to just build the fucking hardware instead of trying to lie about it?
Sorry about your anger issues and obvious lack of understanding about what this is.
There was a story a few years back about a Security researcher that determined the quartz units in every computer are unique and have different enough time drift to fingerprint the individual machine's traffic despite IP address changes, proxies or anything similar.
Does it work with TCP timestamps disabled? I'm guessing it doesn't. I always turn them off when deploying Linux servers. At the very least it's worth doing to confuse pen-testers, since it makes OS identification significantly harder. And as far as I'm aware it has roughly zero useful functions these days.
It's really easy to do - it's just a single sysctl setting. And it's even easier on Windows - you just put it behind a Linux router with the right sysctl settings.
Weren't they the Indian car rental company believed to have links to the Mumbai shootings?
FYI - This probably isn't a good place to try your SEO bullshit.
Crownrentcar, semtex, Al Quaeda, Crownrentcar, Bin Laden, Mumbai, Crownrentcar, AR-15, Echelon, Crownrentcar, 9/11, Omaha, Tamil Tigers, Crownrentcar. Does that help ya any?
Its called Windows 2008 Server Core and Powershell.
That's the one that boots to what is obviously a blank Windows desktop with a single cmd.exe window on it, yes? Does it still boot if you take out the graphics card? If not, LOL.
'messing a game up while playing on a gaming platform' is not software programming.
This is the stupidest and most obviously wrong statement I think I've ever seen on the Internet, and I love to troll the forums where whackjobs like you hang out. So er, well done I guess. So wrong in so short a space, there should be a prize really.
Maybe the first was the really easy installation process...
The trouble with BSD people in general is that you can't tell if they're trolling (Theo), being trolled (80% of the BSD community are responding to obvious trolls at any one time which is why they advance so slowly,) or they actually believe what they're saying.
Maybe you're the same guy that said he was running the Linux Quake 3 under OpenBSD's Linux emulation and getting a higher framerate? This was on Slashdot quite a few years ago. It was soon pointed out that it really, really, wasn't possible to run the Linux version of Quake 3 on OpenBSD, and what's more it didn't have any 3d accelerated drivers (at the time anyway). He probably still believes that he did it though and I bet he's not the only one.
chill out and stop taking pot shots at things that aren't related to the subject. this is the internet. you can find a supporting argument or case for anything. you can find test results that agree with any point of view when you're using a lossy bandwidth reduction algorithm because they used just the right input data.
Chill out and stop using AC as a sock puppet. It's the sort of pathetic shit only somebody with a Republican sig could contemplate as a good argument strategy.
i do like the way you just stopped capitalising the first letter of each sentence. if you can do that, then there's literally no need to change your writing style. nobody would ever see past a ruse like that.
Besides, as a right winger, taking pot shots at things unrelated to the subject is your bread and butter. If you can't do that, there is nothing else to distract you from the constant cognitive dissonance required to keep your little brain in one piece and Blammo!, total breakdown, several killed, gunman takes own life, news at 11.
To keep this on on topic did you know that codec stands for Coder/Decoder? Isn't that neat? Now go back to trying to get Newton out of your textbooks, faggot.
Because it's obviously stored along with the domain, you fucking retard.
How fucking stupid do you have to be to be told that it stores certain settings for sites and think that it can do that without storing a reference to the actual site? The answer is unbelievably fucking stupid. Look above for the comment about how it's all stored together on Linux.
And because you're fucking stupid, let me spell out the other risk - a non-default zoom level is proof of visiting that site. Don't you remember that site that could tell you what sites you had visited using CSS to see which link colours had changed? Oh of course you don't, you're an idiot.
And I'm not going off on Google, I don't use their browser and don't give a shit what they do. Idiots on the other hand are incredibly dangerous because they don't realise they're idiots. Please track down a copy of the famous paper "Incompetent and unaware of it". Get someone to read it out to you and point at you when they reach the relevant parts.
If you can do it on Linux, you can do it better on Windows due its superior complex ACL support :
1. Click through a number of complicated windows some of which look identical but aren't. 2. Oh fuck this shit.
I hope this is of help to Windows users. It should be equally easy to reverse, unless you fuck up and remove your own ability to make changes, which you probably will. Fortunately there are a number of Windows focused help forums full of experts who will quickly guide you to a sol.. ahahahaha holy shit I can't even finish that one.
Insightful? WTF. Memory limit is not in license, but in 32-bit architecture.
Yes, that's why there has never been a 32bit machine with more than 4GB of memory. PAE doesn't exist (well it doesn't in XP that was the point he was trying to make). Please don't comment on computer architecture again as you will just make yourself look stupid, and then there'll be a long of people correcting you. It just wastes everyone's time and energy, whereas if you keep your mouth shut everything's fine. OK?
...and make *reliable* drives. I've had 2 500GB and a 320 GB Seagates die, a 1TB Hitachi is beginning to act on its own, so far the only drives I have that seem to work OK are WD (Green, in the PVR). Seagate has a long history of having problems (firmware, hardware) since they bought Maxtor. Give me a reliable 1-2 TB drive instead. So far WD are the only drives that didn't die here.
You may as well stick your fucking anecdotes right up your ass, because I can assure you that nobody fucking cares. Random Slashdot faggot with 2(!) home computers says WD/Hitachi/IBM/Seagate/Whatever make the best drives, news at 11.
Look, I don't like the way Steve Jobs is systematically trying to destroy the personal computer model we've had until now and replace it with a load of pretty locked down shit either.
But just remember this - he's going to die pretty soon and it's going to be really painful. So yeah, he'll try and remove personal freedoms, and then die screaming - it's the perfect outcome if you think about it. Maybe he's set it up as a lesson to his worshippers. Or maybe he really is just a cunt.
Then someone else will take over Apple and try to go down the same path, but the magic will be gone, and all this shit falls apart. Boohoo, so sad.
If one strace's the chrome flash plugin process one discovers that in 10 seconds it issues 56,000 system calls -- 53,000 (95%) of them are useless gettimeofday() calls
Oracle does the same thing with time{} and gettimeofday(). I know why Oracle's doing that and it's entirely legitimate. You have no fucking idea why the Chromified version of Flash is doing that, you just want everyone to know you can use strace and post a silly looking number.
Now debug it properly and tell us whether it's doing it because it's bad software or because it needs to. We can wait.
I have a special request, however. All global warming and card-carrying Greenpeace members should be placed on a boat immediately above the device if this is going to happen.
I think you'll find that if all Americans were placed on a floatilla of boats above the epicentre of the explosion (that was the word you would have used if you weren't an ignorant American cunt) it would have a much more positive and lasting effect). In fact, fuck the oil leak, just do it anyway. Burn the whole fucking planet if it kills every Republican/Libertarian.
Having said that, I'd still pay to take a cruise down there and watch the boom. I'll even sponsor Greenpeace and SeaSheperd to get too close to the blast zone shortly before detonation.:D
I hope you live in Florida you thick yankee cunt. Actually from your comment it seems almost certain. (Imagine popular GIF of Bugs Bunny sawing off Florida here)
Slashdot Mirror
Gee, I manage my cloud over SSH tunnels. Authentication is done with public/private key pairs. No SSH root user login. In the rare cases that I need a GUI, it's VNC over an SSH tunnel.
Any other ports?
It's tunnels. All the way down.
Yeah, it sure is unfortunate that you can't do exactly the same thing with RDP. And MS should definitely think of adding IPSEC support one of these days (yes, I know). Of course people are probably less likely to bother, since unless you're French, RDP is fully encrypted (standard VNC only encrypts the password) and talking of passwords it allows them to be more than 8 characters long. You can even have a username too, if you use the right version and configure PAM (joke - there is no right version for that because it's a terrible idea security wise). It has also never had a bug where the client could tell the server it didn't support any of its authentication schemes and so the server simply let it connect without authentication.
In fact this is the first time I've heard of a potential serious vulnerability in Remote Desktop, so frankly this is not the area to be smug about.
Anyway this is a bit too MS positive for my liking, so I'll just add that TurboVNC + VirtualGL + VirtualBox = one fucking awesome free VDI implementation. Add SSH, OpenVPN or IPSEC to taste if you want (although VirtualGL handles SSH itself transparently if you want). Actually for remote admin purposes you only need the 1st part (unless it's a bunch of 3D workstations you're supporting). And possibly a new hobby to use to soak up all the time you used to waste waiting for the screen to refresh. I would also mention FreeNX, but a) I think it gets outperformed by the above and b) I am fucked if I'm setting that damned thing up again just to verify.
Oh yeah, one more neat trick - Virtualbox can run in headless mode on a box with no GUI (or with one, doesn't matter). In this mode it serves up the VM display using an extended version of RDP. The great thing is this doesn't just apply to Windows VMs - it can serve any OS it can run over RDP. Watch the look on your colleague's faces as you get them to fire up MSTSC and connect straight into Ubuntu. Or OS2, OSX, Win 3.1 etc.. etc.. You can even dump them into an EFI shell or the virtual BIOS. Literally minutes of laughs to be had. Oh yeah, you may need the non-open source extension pack for that. Also they're adding VNC in the next release. I have no fucking idea why.
And no, I have no idea why you're not allowed to use RDP encryption in France. I have no idea why they're not allowed to use deoderant either, come to think of it.
People are making lots of stupid posts today.
Yes, a lot of them don't seem to be able to write unambiguously. If that many people think you were saying one thing when you meant another, it's generally you that fucked up. Hope this helps. If you say someone has a lifetime of 75 years (about the average for the US) and don't mention that they're 12 years old, you probably shouldn't get angry when people ask what the fuck you're talking about.
Similarly, I think the US should hold off on oil extraction until the other nations have started to exhaust their supplies. Once the prices start to rise, only then should we tap our reserves.
Unfortunately "once the prices start to rise" will be the very second your retarded plan is put into action, you fucking Yankee cretin.
Hopefully as soon as possible.
I wonder if the EFF had been around in the 1870's if they would have been accusing Alexander Graham Bell of "stifling free speech" with the original telephone....
Yes, I bet that's exactly what would have happened, you unbelievable fucking faggot.
If Americans don't rein in software patents soon, they're eventually going to turn us into a technological backwater.
I know. Isn't it wonderful?
Yeah! To fight dupes I compute CRC checksum for each file and store it (and only it) on my back up drive. That method removes dupes almost automatically and there is a side effect of a huge compression ratio too. I have been downloading the high def videos from Internet for quite a while now and with my compression method I have used less than 10 percent of 1GB flash drive! I strongly recommend this method to everyone!
You only actually need one bit. The "I'm not fucking funny and this is the 5th time I've seen the same fucking joke in the same article bit". I call it the "twat" bit.
Instead of working full-bore on The Next Great FS, it would be really nice to have compression, encryption, deduplication, shadow copies, and idle optimization running in EXT4.
Maybe I'm just jaded, but I've been a Linux user for 12 years now. Sometimes it feels like the names of the technologies are changing, but nothing ever gets 'finished'. Maybe the NTFS/BSD model (good core design, long intervals with only minor changes) would be wise in Linux filesystem development.
So you're saying you'd like to see it evolve slowly like NTFS, while adding all these whiz-bang new features stat?
I couldn't find any CPU over-subscription thing in open-source hypervisors. It seems to be the only area where open-source hypervisors are lacking.
Didn't look too hard, did you?
When can we just effectively get what we pay for? This would explain the sudden jump in Intel-based Camfrog servers with a higher offering of hardware.
This effectively means people can now lie about the hardware they're leasing out to you in a data center. They say you're getting 4GB, you're actually getting 1.5GB of RAM.
Our internet is oversubscribed, our processors are getting there, and now RAM?
When are the designers of this stuff going to just build the fucking hardware instead of trying to lie about it?
Sorry about your anger issues and obvious lack of understanding about what this is.
There was a story a few years back about a Security researcher that determined the quartz units in every computer are unique and have different enough time drift to fingerprint the individual machine's traffic despite IP address changes, proxies or anything similar.
Does it work with TCP timestamps disabled? I'm guessing it doesn't. I always turn them off when deploying Linux servers. At the very least it's worth doing to confuse pen-testers, since it makes OS identification significantly harder. And as far as I'm aware it has roughly zero useful functions these days.
It's really easy to do - it's just a single sysctl setting. And it's even easier on Windows - you just put it behind a Linux router with the right sysctl settings.
thank you for the info and explanation given http://crownrentcar.net/
Weren't they the Indian car rental company believed to have links to the Mumbai shootings?
FYI - This probably isn't a good place to try your SEO bullshit.
Crownrentcar, semtex, Al Quaeda, Crownrentcar, Bin Laden, Mumbai, Crownrentcar, AR-15, Echelon, Crownrentcar, 9/11, Omaha, Tamil Tigers, Crownrentcar. Does that help ya any?
Its called Windows 2008 Server Core and Powershell.
That's the one that boots to what is obviously a blank Windows desktop with a single cmd.exe window on it, yes? Does it still boot if you take out the graphics card? If not, LOL.
'messing a game up while playing on a gaming platform' is not software programming.
This is the stupidest and most obviously wrong statement I think I've ever seen on the Internet, and I love to troll the forums where whackjobs like you hang out. So er, well done I guess. So wrong in so short a space, there should be a prize really.
Maybe the first was the really easy installation process...
The trouble with BSD people in general is that you can't tell if they're trolling (Theo), being trolled (80% of the BSD community are responding to obvious trolls at any one time which is why they advance so slowly,) or they actually believe what they're saying.
Maybe you're the same guy that said he was running the Linux Quake 3 under OpenBSD's Linux emulation and getting a higher framerate? This was on Slashdot quite a few years ago. It was soon pointed out that it really, really, wasn't possible to run the Linux version of Quake 3 on OpenBSD, and what's more it didn't have any 3d accelerated drivers (at the time anyway). He probably still believes that he did it though and I bet he's not the only one.
chill out and stop taking pot shots at things that aren't related to the subject. this is the internet. you can find a supporting argument or case for anything. you can find test results that agree with any point of view when you're using a lossy bandwidth reduction algorithm because they used just the right input data.
Chill out and stop using AC as a sock puppet. It's the sort of pathetic shit only somebody with a Republican sig could contemplate as a good argument strategy.
i do like the way you just stopped capitalising the first letter of each sentence. if you can do that, then there's literally no need to change your writing style. nobody would ever see past a ruse like that.
Besides, as a right winger, taking pot shots at things unrelated to the subject is your bread and butter. If you can't do that, there is nothing else to distract you from the constant cognitive dissonance required to keep your little brain in one piece and Blammo!, total breakdown, several killed, gunman takes own life, news at 11.
To keep this on on topic did you know that codec stands for Coder/Decoder? Isn't that neat? Now go back to trying to get Newton out of your textbooks, faggot.
Because it's obviously stored along with the domain, you fucking retard.
How fucking stupid do you have to be to be told that it stores certain settings for sites and think that it can do that without storing a reference to the actual site? The answer is unbelievably fucking stupid. Look above for the comment about how it's all stored together on Linux.
And because you're fucking stupid, let me spell out the other risk - a non-default zoom level is proof of visiting that site. Don't you remember that site that could tell you what sites you had visited using CSS to see which link colours had changed? Oh of course you don't, you're an idiot.
And I'm not going off on Google, I don't use their browser and don't give a shit what they do. Idiots on the other hand are incredibly dangerous because they don't realise they're idiots. Please track down a copy of the famous paper "Incompetent and unaware of it". Get someone to read it out to you and point at you when they reach the relevant parts.
If you can do it on Linux, you can do it better on Windows due its superior complex ACL support :
1. Click through a number of complicated windows some of which look identical but aren't.
2. Oh fuck this shit.
I hope this is of help to Windows users. It should be equally easy to reverse, unless you fuck up and remove your own ability to make changes, which you probably will. Fortunately there are a number of Windows focused help forums full of experts who will quickly guide you to a sol.. ahahahaha holy shit I can't even finish that one.
Insightful? WTF. Memory limit is not in license, but in 32-bit architecture.
Yes, that's why there has never been a 32bit machine with more than 4GB of memory. PAE doesn't exist (well it doesn't in XP that was the point he was trying to make). Please don't comment on computer architecture again as you will just make yourself look stupid, and then there'll be a long of people correcting you. It just wastes everyone's time and energy, whereas if you keep your mouth shut everything's fine. OK?
...and make *reliable* drives. I've had 2 500GB and a 320 GB Seagates die, a 1TB Hitachi is beginning to act on its own, so far the only drives I have that seem to work OK are WD (Green, in the PVR). Seagate has a long history of having problems (firmware, hardware) since they bought Maxtor. Give me a reliable 1-2 TB drive instead. So far WD are the only drives that didn't die here.
You may as well stick your fucking anecdotes right up your ass, because I can assure you that nobody fucking cares. Random Slashdot faggot with 2(!) home computers says WD/Hitachi/IBM/Seagate/Whatever make the best drives, news at 11.
I think you can draw the same analogy here.
Yeah, but don't - it's fucking terrible.
Look, I don't like the way Steve Jobs is systematically trying to destroy the personal computer model we've had until now and replace it with a load of pretty locked down shit either.
But just remember this - he's going to die pretty soon and it's going to be really painful. So yeah, he'll try and remove personal freedoms, and then die screaming - it's the perfect outcome if you think about it. Maybe he's set it up as a lesson to his worshippers. Or maybe he really is just a cunt.
Then someone else will take over Apple and try to go down the same path, but the magic will be gone, and all this shit falls apart. Boohoo, so sad.
If one strace's the chrome flash plugin process one discovers that in 10 seconds it issues 56,000 system calls -- 53,000 (95%) of them are useless gettimeofday() calls
Oracle does the same thing with time{} and gettimeofday(). I know why Oracle's doing that and it's entirely legitimate. You have no fucking idea why the Chromified version of Flash is doing that, you just want everyone to know you can use strace and post a silly looking number.
Now debug it properly and tell us whether it's doing it because it's bad software or because it needs to. We can wait.
I have a special request, however. All global warming and card-carrying Greenpeace members should be placed on a boat immediately above the device if this is going to happen.
I think you'll find that if all Americans were placed on a floatilla of boats above the epicentre of the explosion (that was the word you would have used if you weren't an ignorant American cunt) it would have a much more positive and lasting effect). In fact, fuck the oil leak, just do it anyway. Burn the whole fucking planet if it kills every Republican/Libertarian.
Having said that, I'd still pay to take a cruise down there and watch the boom. I'll even sponsor Greenpeace and SeaSheperd to get too close to the blast zone shortly before detonation. :D
I hope you live in Florida you thick yankee cunt. Actually from your comment it seems almost certain. (Imagine popular GIF of Bugs Bunny sawing off Florida here)