Presumably you could wait until the ethernet hardware has an IP address or the modem is connected, and THEN ping out. Just because the OS isn't invoking it doesn't mean the BIOS chips are still there, powered up, and capable of doing things.
Am I saying the US spends too much on the military? Where?
What I'm saying is that when the Euros do the SAME DAMN THING as the US (IE: spend money on the military) it's bad, but when the US does it, it's good. Double standard much?
Provided it's clearly stated before you sign on the dotted line, I'm 100% OK with being throttled if I use too much in a day.
Throttled, mind you - not cut off.
I've been hanging on to an email from the Vuln-dev list for ages that links to the UIUC bandwidth policy, because I think it kicks that much ass. A fair policy that keeps the heavy users from choking the others out, but still lets you get in the big DL's if you need them.
Unrestricted Class (10Mb/s): By default, connections are in this class. The connection is not artificially throttled or limited.
Restricted Class A (128kb/s per flow): When the Internet traffic of an IP address reaches 80% of the limit (600MB), the IP address (computer) will be rate-limited (throttled) to 128kb/s per flow.
Restricted Class B (32kb/s per flow): When the Internet traffic of an IP address reaches 100% of the limit (750MB), the IP address (computer) will be rate-limited (throttled) to 32kb/s per flow.
Restricted Class C (512kb/s aggregate): When the Internet traffic of an IP address reaches 150% of the limit (1125MB), the IP address (computer) will be rate-limited (throttled) to approximately the speed of a 33.6 modem (about.32% of the bandwidth in the unrestricted class).
"Q: Will I ever get shut down for traffic? A: The current "rate-limiting" system does not turn off ports it just slows down your connection. However, rooms and computers may still be turned off for many other reasons (viruses, copyright, abuse of the network, and for very large amounts of traffic as determined by the CIO's office)."
That progressive degradation sounds great to me. Just alter the breakpoints and you can have different plans for business/residential too.
Anyone rolled something like this out? Any pointers?
I don't see that it does anything other than keep Europes high tech industry working and sucking Europes taxpayers dry.
Of course, when the US goes and dumps huge amounts into the military-industrial complex, doing the same bloody thing, that's "encouraging growth" and "creating jobs", both of which are generally considered good.
just another tactic to assimilate everyone into the MS collective?
I've rarely seen a better example of when the [OBVIOUS] tag would be used.
Re:Screw multimedia; how about software?
on
P2P Meets Push
·
· Score: 1
fmirror + cron is your friend.
True, you do have needless queries, when there isn't an update, but if they send an email or some other notification, it's trivial to use that as the fmirror trigger instead of cron.
That's not an answer - emulating that hardware is only an issue because you want to keep something around. In your example, it's the software you want to keep, but his question still stands.
I can see how it's viewed that way - certainly, I look at it a little distastefully myself... but it really can also be looked at as almost something judo-like, using the enemy's force (money) against them (keeping the site up).
Or you can look at it as taking their money to keep fighting the good fight against them with their own resources.
I think it all depends on how effective you consider ads to be. If you think they're a waste of money, then MS is throwing theirs away while/. gets to laugh at them, and use the money to keep boosting Linux. If you think ads work well, then/. is a sellout and hurting its own cause.
Re:What must have gone through the FirebirdSQL min
on
Mozilla's Joy Of Naming
·
· Score: 0, Flamebait
Yep, and now I know them, and will make sure I never, ever use or recommend their product. Same as qmail - DJB's a prick, so I won't use it, even if it's better than the competition (and Postfix is just as good).
I consider it voting for politeness with my SMTP banner.;)
Spam filtering, in general, doesn't actually save the ISP where it's getting hurt.
A non-filtering ISP gets hit in two places:
- storage
- bandwidth
When running filtering on the system, you generally DO NOT automatically bounce the message. Certainly not as an ISP, as the risk of a false positive is just too great. Instead, you tag it, and pass it on to the end user for them to decide what to do.
So, you're still getting hit for:
- storage
- bandwidth and now you've added on more CPU cycles for the same amount of mail.
I'm not saying they won't put this type of stuff in - but it won't alleviate the main problems they've been seeing, and it will put more load on the servers. If the servers were anywhere near CPU capacity, they'll need more iron to handle it. If they were just near I/O capacity, then they should be fine.
I'll bet my current Bayesian system is less CPU-intensive than a simple keyword-filter that has 5000 "keywords" in its database.
I'm sure it is - but that's not the comparison the ISP is having to make.
The ISP is generally running with virtually nothing, or perhaps is using some realtime blacklist.
The RBL's aren't CPU dependent, they're latency dependent, so your hardware still trundles along just fine, although the messages may take a little longer to come in, and your DNS server gets more of a workout.
Instead, the ISP is looking at going from no matching at all - just a simple user lookup, copy data to user folder, exit system, which is generally going to be I/O bound, to some kind of processing of the data. That's going to be a large difference from a "bare" mail server.
If they've already got something else in place, then the difference won't be as drastic, but from what I've seen, most ISP's have a bare minimum on their mail servers and that's it.
People (meaning Joe Average) don't use it because it's tricky to set up.
ISP's don't use it because it massively increases the load on their mail servers, which are likely wheezing at the load of simply bouncing all that spam mail anyways.
Provided Earthlink has an efficient method to break up the load of tracking all those "pending ack" emails, it should be quite a bit lower load on their servers than something like SpamAssassin's multiple full-body pattern matches.
Don't get me wrong - I love SA and use it on our server here - but it adds a lot of processing to what is generally a lightweight accept/store process.
# Shut up and patch your systems like the rest of the planet
I work with Koreans. There's about a ten times higher likelihood of all software becoming bugfree, than these yahoos (speaking widely and pejoratively, the best way to be offensive in my books) learning to update their software.
After telling them five or more times to always disable telnet - they use that exclusively and not SSH.
Updates? Only if you burn them on a CD-ROM. Never mind that CD-ROM will be out of date within a week, and a proper update source would work better.
Turning off unneeded services? Well, how can you KNOW you don't need them? Better leave them on.
Firewalls? OK, but only if we can open up all the ports so we can keep swapping movies.
Antivirus? Nah, that's just crazy talk.
Thinking? Understanding WHY you do something, instead of just what to type? Hell will freeze over first. They just want to be digital parrots, that get lost at the first odd response.
Sometimes I wish there was the equivalent of Windows Update for Linux.
In essence, there is. Just requires (as always) a little manual setup on your own.
I have one central update box. It runs fmirror every three hours, pulling down the latest Mandrake patches (8.2, 9.0, 9.1) and emails me if there has been a change.
That box has NFS exports (you could use ftp, if you wish, to avoid the NFS problems) to all the other servers.
The other servers have the update box defined as an "update" source in urpmi.
I can then just log on and run: urpmi.update -a (updates the list of available RPM's on the local server's cache) urpmi --update --auto-select (installs any updated versions of RPMS, autoselecting any dependencies)
Dead simple. I don't auto-patch for various paranoid reasons, but there's no reason I can't put in the list update automatically too.
Is this as dead simple as using Windows Update? No.
It is, however, simpler than MAKING windows update was for Microsoft, and that's largely the work I've replicated.
Re:wireless security
on
802.11 Security
·
· Score: 2, Interesting
I believe you're overlooking the case of network abuse.
We had our DSL turned off with no warning, and apparently it was due to somebody trying to spam/attack the MSN Gaming Zone boards.
When tracked back, it appears to have been a laptop with a wireless card, that was reconfigured to bridging - turning it into an open WAP.
At no time did the intruder do anything to any of our systems... but it still caused us major grief for a day!
We have a Tektronix Phaser 850 color printer - one of the fancy ones that takes blocks of solid, colored wax, and melts them down for ink.
We started getting a warning a few months back about "Change maintenance kit"... but the kit life is SUPPOSED to be ten thousand pages, and we've only done about 5000 on it since we installed it.
Turns out it's "10000 or one year" - which isn't mentioned on the status pages anywhere, and this little dinky maintenance kit that consists of a plastic tray, roller, and squeegee blade also has a little chip in a housing at the front of it, that locks in what time it was first installed.
If you try to roll the printer clock back, the date the tray was installed rolls back too. Clever buggers.
So now, we have this damned annoying error message that the sales droids keep forgetting isn't that important, and keep warning us about.
Oh, and how much for this cheap plastic tray, roller and squeegee (and completely unnecessary chip)? $90 US. Criminal.
Well, in addition to what the other respondent said, which is that keeping passwords from going in the clear is a pretty valuable item, I generally find that ssh/scp stuff is written to a higher standard.
It's security-realm software, and the authors know it, and take a lot of care with it. With XYZftpd, you have no idea, and don't get me started on the variety of slapdash FTP clients that are out there.
Slashdot Mirror
Presumably you could wait until the ethernet hardware has an IP address or the modem is connected, and THEN ping out. Just because the OS isn't invoking it doesn't mean the BIOS chips are still there, powered up, and capable of doing things.
As I said to the AC, you're missing the point of my rebuttal.
I'm not saying the US spends too much on the military. I'm pointing out the conflicting judgement on two basically identical actions.
The US spends money on their military to ensure their own soveriegnty, and people go "yay!".
The Euros do the same thing, and everyone castigates them.
Am I saying the US spends too much on the military? Where?
What I'm saying is that when the Euros do the SAME DAMN THING as the US (IE: spend money on the military) it's bad, but when the US does it, it's good. Double standard much?
Ah, I'd tried "white noise" before I posted. Proper terms certainly help. ;)
Thanks for the pointer.
Provided it's clearly stated before you sign on the dotted line, I'm 100% OK with being throttled if I use too much in a day.
.32% of the bandwidth in the unrestricted class).
Throttled, mind you - not cut off.
I've been hanging on to an email from the Vuln-dev list for ages that links to the UIUC bandwidth policy, because I think it kicks that much ass. A fair policy that keeps the heavy users from choking the others out, but still lets you get in the big DL's if you need them.
Unrestricted Class (10Mb/s): By default, connections are in this class. The connection is not artificially throttled or limited.
Restricted Class A (128kb/s per flow): When the Internet traffic of an IP address reaches 80% of the limit (600MB), the IP address (computer) will be rate-limited (throttled) to 128kb/s per flow.
Restricted Class B (32kb/s per flow): When the Internet traffic of an IP address reaches 100% of the limit (750MB), the IP address (computer) will be rate-limited (throttled) to 32kb/s per flow.
Restricted Class C (512kb/s aggregate): When the Internet traffic of an IP address reaches 150% of the limit (1125MB), the IP address (computer) will be rate-limited (throttled) to approximately the speed of a 33.6 modem (about
"Q: Will I ever get shut down for traffic?
A: The current "rate-limiting" system does not turn off ports it just slows down your connection. However, rooms and computers may still be turned off for many other reasons (viruses, copyright, abuse of the network, and for very large amounts of traffic as determined by the CIO's office)."
That progressive degradation sounds great to me. Just alter the breakpoints and you can have different plans for business/residential too.
Anyone rolled something like this out? Any pointers?
Sorry, but I have to ask for a source on that one... this sounds a little too fishy for me.
I don't see that it does anything other than keep Europes high tech industry working and sucking Europes taxpayers dry.
Of course, when the US goes and dumps huge amounts into the military-industrial complex, doing the same bloody thing, that's "encouraging growth" and "creating jobs", both of which are generally considered good.
just another tactic to assimilate everyone into the MS collective?
I've rarely seen a better example of when the [OBVIOUS] tag would be used.
fmirror + cron is your friend.
True, you do have needless queries, when there isn't an update, but if they send an email or some other notification, it's trivial to use that as the fmirror trigger instead of cron.
That's not an answer - emulating that hardware is only an issue because you want to keep something around. In your example, it's the software you want to keep, but his question still stands.
Why?
AFAIK, if you take a picture in a public place, you own the picture, completely.
Feeding the pigeons amphetamines?
I can see how it's viewed that way - certainly, I look at it a little distastefully myself... but it really can also be looked at as almost something judo-like, using the enemy's force (money) against them (keeping the site up).
Or you can look at it as taking their money to keep fighting the good fight against them with their own resources.
/. gets to laugh at them, and use the money to keep boosting Linux. If you think ads work well, then /. is a sellout and hurting its own cause.
I think it all depends on how effective you consider ads to be. If you think they're a waste of money, then MS is throwing theirs away while
Yep, and now I know them, and will make sure I never, ever use or recommend their product. Same as qmail - DJB's a prick, so I won't use it, even if it's better than the competition (and Postfix is just as good).
;)
I consider it voting for politeness with my SMTP banner.
Only 40 years behind Canada!
(CBC aired Skip Tracer in the 80's, full frontal nudity, middle of the day. No censoring or anything.)
Spam filtering, in general, doesn't actually save the ISP where it's getting hurt.
A non-filtering ISP gets hit in two places:
- storage
- bandwidth
When running filtering on the system, you generally DO NOT automatically bounce the message. Certainly not as an ISP, as the risk of a false positive is just too great. Instead, you tag it, and pass it on to the end user for them to decide what to do.
So, you're still getting hit for:
- storage
- bandwidth
and now you've added on more CPU cycles for the same amount of mail.
I'm not saying they won't put this type of stuff in - but it won't alleviate the main problems they've been seeing, and it will put more load on the servers. If the servers were anywhere near CPU capacity, they'll need more iron to handle it. If they were just near I/O capacity, then they should be fine.
I'll bet my current Bayesian system is less CPU-intensive than a simple keyword-filter that has 5000 "keywords" in its database.
I'm sure it is - but that's not the comparison the ISP is having to make.
The ISP is generally running with virtually nothing, or perhaps is using some realtime blacklist.
The RBL's aren't CPU dependent, they're latency dependent, so your hardware still trundles along just fine, although the messages may take a little longer to come in, and your DNS server gets more of a workout.
Instead, the ISP is looking at going from no matching at all - just a simple user lookup, copy data to user folder, exit system, which is generally going to be I/O bound, to some kind of processing of the data. That's going to be a large difference from a "bare" mail server.
If they've already got something else in place, then the difference won't be as drastic, but from what I've seen, most ISP's have a bare minimum on their mail servers and that's it.
People (meaning Joe Average) don't use it because it's tricky to set up.
ISP's don't use it because it massively increases the load on their mail servers, which are likely wheezing at the load of simply bouncing all that spam mail anyways.
Provided Earthlink has an efficient method to break up the load of tracking all those "pending ack" emails, it should be quite a bit lower load on their servers than something like SpamAssassin's multiple full-body pattern matches.
Don't get me wrong - I love SA and use it on our server here - but it adds a lot of processing to what is generally a lightweight accept/store process.
# Shut up and patch your systems like the rest of the planet
:/
I work with Koreans. There's about a ten times higher likelihood of all software becoming bugfree, than these yahoos (speaking widely and pejoratively, the best way to be offensive in my books) learning to update their software.
After telling them five or more times to always disable telnet - they use that exclusively and not SSH.
Updates? Only if you burn them on a CD-ROM. Never mind that CD-ROM will be out of date within a week, and a proper update source would work better.
Turning off unneeded services? Well, how can you KNOW you don't need them? Better leave them on.
Firewalls? OK, but only if we can open up all the ports so we can keep swapping movies.
Antivirus? Nah, that's just crazy talk.
Thinking? Understanding WHY you do something, instead of just what to type? Hell will freeze over first. They just want to be digital parrots, that get lost at the first odd response.
Yes, I'm getting nice and bitter about it.
Sometimes I wish there was the equivalent of Windows Update for Linux.
In essence, there is. Just requires (as always) a little manual setup on your own.
I have one central update box. It runs fmirror every three hours, pulling down the latest Mandrake patches (8.2, 9.0, 9.1) and emails me if there has been a change.
That box has NFS exports (you could use ftp, if you wish, to avoid the NFS problems) to all the other servers.
The other servers have the update box defined as an "update" source in urpmi.
I can then just log on and run:
urpmi.update -a (updates the list of available RPM's on the local server's cache)
urpmi --update --auto-select (installs any updated versions of RPMS, autoselecting any dependencies)
Dead simple. I don't auto-patch for various paranoid reasons, but there's no reason I can't put in the list update automatically too.
Is this as dead simple as using Windows Update? No.
It is, however, simpler than MAKING windows update was for Microsoft, and that's largely the work I've replicated.
I believe you're overlooking the case of network abuse.
We had our DSL turned off with no warning, and apparently it was due to somebody trying to spam/attack the MSN Gaming Zone boards.
When tracked back, it appears to have been a laptop with a wireless card, that was reconfigured to bridging - turning it into an open WAP.
At no time did the intruder do anything to any of our systems... but it still caused us major grief for a day!
We have a Tektronix Phaser 850 color printer - one of the fancy ones that takes blocks of solid, colored wax, and melts them down for ink.
We started getting a warning a few months back about "Change maintenance kit"... but the kit life is SUPPOSED to be ten thousand pages, and we've only done about 5000 on it since we installed it.
Turns out it's "10000 or one year" - which isn't mentioned on the status pages anywhere, and this little dinky maintenance kit that consists of a plastic tray, roller, and squeegee blade also has a little chip in a housing at the front of it, that locks in what time it was first installed.
If you try to roll the printer clock back, the date the tray was installed rolls back too. Clever buggers.
So now, we have this damned annoying error message that the sales droids keep forgetting isn't that important, and keep warning us about.
Oh, and how much for this cheap plastic tray, roller and squeegee (and completely unnecessary chip)? $90 US. Criminal.
This is the Information Autobahn. If your server can't keep up, use a regular superhighway, or you're just going to get splattered. ;)
Well, in addition to what the other respondent said, which is that keeping passwords from going in the clear is a pretty valuable item, I generally find that ssh/scp stuff is written to a higher standard.
It's security-realm software, and the authors know it, and take a lot of care with it. With XYZftpd, you have no idea, and don't get me started on the variety of slapdash FTP clients that are out there.