I have had a lot of fun with snort. Perhaps the greatest thing it does is deter would-be bad guys from even looking at your machine twice... as soon as they find you've got snort running they go away in most cases.
This does not apply to the script-kiddies running the NT http directory traversals every 15 minutes against your Linux box. I have found that even a good solid dos does not stop THEM.
Oh yeah while I am here, why haven't the lords of slashdot run my story on the current bitchx source tarball trojan? You could save an awful lot of folks grief by just running the damn story and not worrying about the fact that you ran the same story months ago. This is a new, different incarnation of the thing and it is quite bad; giving paz.bakunin.net a root shell on the system of anybody running the configure script from the bitchx source tarball downloaded from ftp.bitchx.org.
The md5sum of the trojanned bitchx is:
a9d6bb266c503a09d46cef679fce8320
The md5sum of the clean bitchx is:
79431ff0880e7317049045981fac8adc
The name of the bitchx source tarball is:
ircii-pana-1.0c19.tar.gz
If you run the configure script from the trojanned tarball, you will wind up with a connection to port 6667 on paz.bakunin.net with a shell on your end. Also, a copy of your/etc/passwd file will be sent to that port.
I can state with 100% certainty that the BitchX package that is part of slackware 8.1 is totally clean and safe. The BitchX source tarball from ftp.irc.org is also clean.
I always wondered why Slackware didn't take advantage of gnu stow for packaging. I'd say I have "upgraded" about two-thirds of my slackware installation with "stowed-in" replacements:
./configure --prefix=/usr/local make make prefix=/usr/local/stow/pkgname-1.2.3 install pushd/usr/local/stow # possible "stow -D pkgname-1.2.2" here. stow pkgname-1.2.3 ldconfig popd
Stow is a phenomenal tool, and it's a shame nobody uses it to build a distro.
I'll second you. LyX rips, rocks, and rules, and it imported my hand-made laTeX resume without a hitch. The output is via TeX, and it is so beautiful it makes you want to cry.
I know that, and I appreciate JED's contributions immensely... I didn't intend to slight him, Bram Moolenaar (vim), or Mike Elkins (mutt). I feel that Sven has made the greatest overall contribution in the area of console apps by his tireless (sometimes it seemed he was on lusenet 120 hours straight!) and entirely unremunerated activity.
Sven is the troglo-master! By fearlessly advocating for console based applications, he has made possible the continued success of all my most beloved apps: mutt, slrn, and vim! Sven has been on lusenet 24/7 for at least 5 years. It's a fact!
I think it was probably just due to the phenomenal unpopularity of J++. M$ gave away tens-of-thousands of copies of J++ to anyone who would even claim to work in education, and I'm sure they wrote off every penny of the full retail value on the old tax sheet. So J++ was a moneymaker for them without them having to market it, or even sell it! Now they can just walk away from it and lose nothing in the process.
There is a real and compelling reason why we have not gone metric -- It is possible to verify measurements down to 1/100 inch with a pocket scale, but only to 1/10 mm. Thus, a shop worker can make finer adjustments on-the-fly with the English system than with the metric system.
If you don't believe me go ahead and call an applications engineer at Starrett and ask them what reason their customers give most often.
Eric, why in the world is NetHack so hard to build?? Did you make it difficult on purpose? Some of us only have time to play games when we're sick, and it took me the whole day the first time just to get the darn thing built! I probably could have patched it in the same amount of time.
Aw, come on now people... Corel has given away a zillion copies of WP8 for Linux, taking a big loss in the process, and they are TRYING to learn how to play ball in the hard-ass world of Free Software, wich, as we all know, is a LOT more brutal than business.
I have got 4 people to drop windows ENTIRELY since pointing them at WP8. It's not open source, but it fills a painful niche until LyX matures.
A painful niche? Wow, talk about a weird mixed metaphor...
Slashdot Mirror
haha! the last place i worked we had a ee put
mov networks on the contactors of every piece
of equipt in the building that used mechanical
relays.
some time later we hired some e-lec-tric-i-ans
to upgrade a fuse box, and they went all through
the building stripping off the mov networks.
when i asked what the **** they thought they were
doing they said "aw, you don't need these
capacitors any more, we put a new fuse box in."
but, they were cheap.
I have had a lot of fun with snort. Perhaps
/etc/passwd file will
the greatest thing it does is deter would-be
bad guys from even looking at your machine
twice... as soon as they find you've got snort
running they go away in most cases.
This does not apply to the script-kiddies running
the NT http directory traversals every 15 minutes
against your Linux box. I have found that even a
good solid dos does not stop THEM.
Oh yeah while I am here, why haven't the lords of
slashdot run my story on the current bitchx
source tarball trojan? You could save an awful
lot of folks grief by just running the damn story
and not worrying about the fact that you ran the
same story months ago. This is a new, different
incarnation of the thing and it is quite bad;
giving paz.bakunin.net a root shell on the system
of anybody running the configure script from the
bitchx source tarball downloaded from
ftp.bitchx.org.
The md5sum of the trojanned bitchx is:
a9d6bb266c503a09d46cef679fce8320
The md5sum of the clean bitchx is:
79431ff0880e7317049045981fac8adc
The name of the bitchx source tarball is:
ircii-pana-1.0c19.tar.gz
If you run the configure script from the trojanned
tarball, you will wind up with a connection to
port 6667 on paz.bakunin.net with a shell on your
end. Also, a copy of your
be sent to that port.
I can state with 100% certainty that the BitchX
package that is part of slackware 8.1 is totally
clean and safe. The BitchX source tarball from
ftp.irc.org is also clean.
http://www.science.sp-agency.ca/Spacebound97/Mater ials-Science/Song/song.htm
I always wondered why Slackware didn't take advantage of gnu stow for packaging. I'd say I
/usr/local/stow
have "upgraded" about two-thirds of my slackware
installation with "stowed-in" replacements:
./configure --prefix=/usr/local
make
make prefix=/usr/local/stow/pkgname-1.2.3 install
pushd
# possible "stow -D pkgname-1.2.2" here.
stow pkgname-1.2.3
ldconfig
popd
Stow is a phenomenal tool, and it's a shame nobody
uses it to build a distro.
I've been a slacker since 1995. Thanks Patrick.
I'll second you. LyX rips, rocks, and rules, and
it imported my hand-made laTeX resume without a hitch. The output is via TeX, and it is so beautiful it makes you want to cry.
http://www.lyx.org
see dee (pause) slash (pause) enter
arr emm (pause) dash arr eff (pause) star (pause) enter
Nope, didn't work... slashdot is still here!
I know that, and I appreciate JED's contributions immensely... I didn't intend to slight him, Bram Moolenaar (vim), or Mike Elkins (mutt). I feel that Sven has made the greatest overall contribution in the area of console apps by his tireless (sometimes it seemed he was on lusenet 120 hours straight!) and entirely unremunerated activity.
Sven is the troglo-master! By fearlessly advocating for console based applications, he has made possible the continued success of all my most beloved apps: mutt, slrn, and vim! Sven has been on lusenet 24/7 for at least 5 years. It's a fact!
I think it was probably just due to the phenomenal unpopularity of J++. M$ gave away tens-of-thousands of copies of J++ to anyone who would even claim to work in education, and I'm sure they wrote off every penny of the full retail value on the old tax sheet. So J++ was a moneymaker for them without them having to market it, or even sell it! Now they can just walk away from it and lose nothing in the process.
Thank you all for pointing out my error.
The metric pocket scale has divisions only down to 0.5mm, not 0.1 mm.
Once again, thank you all for the lovely flames. My toast is properly browned.
Phil
There is a real and compelling reason why we have
not gone metric -- It is possible to verify
measurements down to 1/100 inch with a pocket scale, but only to 1/10 mm. Thus, a shop worker
can make finer adjustments on-the-fly with the English system than with the metric system.
If you don't believe me go ahead and call an applications engineer at Starrett and ask them what reason their customers give most often.
Phil
Eric, why in the world is NetHack so hard to build?? Did you make it difficult on purpose?
Some of us only have time to play games when we're sick, and it took me the whole day the first time just to get the darn thing built! I probably could have patched it in the same amount of time.
Really, is it such a mess on purpose?
Phil
Aw, come on now people... Corel has given away a zillion copies of WP8 for Linux, taking a big loss in the process, and they are TRYING to learn how to play ball in the hard-ass world of Free Software, wich, as we all know, is a LOT more brutal than business.
I have got 4 people to drop windows ENTIRELY since pointing them at WP8. It's not open source, but it fills a painful niche until LyX matures.
A painful niche? Wow, talk about a weird mixed metaphor...
Phil
Does anyone remember that one? GCS played a mental patinet who thought he was Sherlock Holmes? A great little film!